urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Submission: On August 30 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 146 IPs in 17 countries across 138 domains to perform 720 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 664518.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 2a00:1450:400... 15169 (GOOGLE)
3 7 162.210.196.208 30633 (LEASEWEB-...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
15 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
41 151.101.129.44 54113 (FASTLY)
2 2001:4de0:ac1... 20446 (STACKPATH...)
66 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
8 23.97.225.52 8075 (MICROSOFT...)
3 6 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c004... 26667 (RUBICONPR...)
19 52.210.70.148 16509 (AMAZON-02)
1 185.255.84.151 200271 (IGUANE-)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 95.101.149.35 16625 (AKAMAI-AS)
1 6 104.18.39.155 13335 (CLOUDFLAR...)
9 172.67.10.198 13335 (CLOUDFLAR...)
1 5 35.227.252.103 15169 (GOOGLE)
3 5 145.40.97.66 54825 (PACKET)
1 35.158.222.16 16509 (AMAZON-02)
7 11 37.252.171.52 29990 (ASN-APPNEX)
1 18.192.134.194 16509 (AMAZON-02)
1 6 51.89.9.252 16276 (OVH)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 162.19.138.118 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
1 178.250.7.13 44788 (ASN-CRITE...)
16 185.106.33.48 200478 (TABOOLA-AS)
5 5 23.56.202.187 16625 (AKAMAI-AS)
12 23.218.210.30 16625 (AKAMAI-AS)
18 52.223.40.198 16509 (AMAZON-02)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 12 35.244.159.8 15169 (GOOGLE)
4 2600:1f18:24e... 14618 (AMAZON-AES)
8 141.226.228.48 200478 (TABOOLA-AS)
37 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
27 2606:4700:20:... 13335 (CLOUDFLAR...)
1 85.91.45.43 27381 (CASALE-MEDIA)
6 8 69.173.144.139 26667 (RUBICONPR...)
5 20.231.53.73 8075 (MICROSOFT...)
5 6 37.157.6.254 198622 (ADFORM)
3 6 67.220.228.201 16509 (AMAZON-02)
17 43 142.250.186.162 15169 (GOOGLE)
3 9 2a05:d018:d29... 16509 (AMAZON-02)
13 14 3.73.109.228 16509 (AMAZON-02)
5 7 3.71.149.231 16509 (AMAZON-02)
1 1 193.135.9.127 48314 (IP-PROJECTS)
1 1 89.163.240.121 24961 (MYLOC-AS ...)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 4 52.46.151.131 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 172.105.43.230 63949 (AKAMAI-LI...)
2 151.101.193.44 54113 (FASTLY)
2 15 172.64.148.101 13335 (CLOUDFLAR...)
1 2 104.75.89.75 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 8 2a00:1450:400... 15169 (GOOGLE)
3 3 98.98.134.242 21859 (ZEN-ECN)
3 4 18.200.64.186 16509 (AMAZON-02)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
3 185.80.39.216 27381 (CASALE-MEDIA)
1 2a05:d018:cc3... 16509 (AMAZON-02)
3 4 151.101.66.49 54113 (FASTLY)
2 172.64.149.180 13335 (CLOUDFLAR...)
3 88.99.219.174 24940 (HETZNER-AS)
16 16 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 3.74.29.98 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.190.0.66 15169 (GOOGLE)
1 5 46.4.10.47 24940 (HETZNER-AS)
1 5 78.46.111.106 24940 (HETZNER-AS)
2 69.16.175.10 20446 (STACKPATH...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 185.29.132.241 30419 (MEDIAMATH...)
3 4 34.91.62.186 396982 (GOOGLE-CL...)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.210.53.219 19527 (GOOGLE-2)
3 3 178.250.7.11 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 2400:52e0:1e0... 200325 (BUNNYCDN)
3 138.201.63.145 24940 (HETZNER-AS)
1 3 92.123.148.9 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.36.108.3 16276 (OVH)
1 141.226.224.32 200478 (TABOOLA-AS)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 3.9.22.61 16509 (AMAZON-02)
1 13.32.99.85 16509 (AMAZON-02)
1 184.30.16.183 16625 (AKAMAI-AS)
2 3 76.223.111.18 16509 (AMAZON-02)
1 95.101.148.20 16625 (AKAMAI-AS)
1 1 167.235.184.171 24940 (HETZNER-AS)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
2 2 142.250.184.198 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 3.213.106.164 14618 (AMAZON-AES)
5 3.221.13.170 14618 (AMAZON-AES)
2 2 3.122.68.240 16509 (AMAZON-02)
1 52.211.254.183 16509 (AMAZON-02)
2 3 81.17.55.108 60781 (LEASEWEB-...)
3 23.32.184.192 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 44.194.237.52 14618 (AMAZON-AES)
2 3 216.52.2.48 32475 (SINGLEHOP...)
3 216.52.2.91 32475 (SINGLEHOP...)
6 6 46.228.174.117 56396 (AMOBEE)
4 4 2001:678:cb4:... 56396 (AMOBEE)
2 2 193.0.160.130 54312 (ROCKETFUEL)
1 1 69.166.1.35 27630 (AS-XFERNET)
1 1 34.225.251.53 14618 (AMAZON-AES)
4 18.184.69.99 16509 (AMAZON-02)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 1 8.2.110.24 46636 (NATCOWEB)
2 4 2.16.238.158 20940 (AKAMAI-ASN1)
5 6 34.253.165.174 16509 (AMAZON-02)
1 3.224.91.154 14618 (AMAZON-AES)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.18.38.76 13335 (CLOUDFLAR...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
9 54.229.162.154 16509 (AMAZON-02)
3 3 70.42.32.127 22075 (AS-OUTBRAIN)
2 2 185.255.84.152 200271 (IGUANE-)
2 80.77.87.166 46636 (NATCOWEB)
9 9 198.47.127.18 62713 (AS-PUBMATIC)
2 2 52.51.131.236 16509 (AMAZON-02)
3 18 185.64.191.210 62713 (AS-PUBMATIC)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
1 17 52.210.15.1 16509 (AMAZON-02)
2 2 35.210.239.72 15169 (GOOGLE)
2 3 64.202.112.223 22075 (AS-OUTBRAIN)
2 2 54.158.197.157 14618 (AMAZON-AES)
1 1 52.0.248.85 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 2.23.197.190 16625 (AKAMAI-AS)
2 2 176.34.208.209 16509 (AMAZON-02)
1 5 198.47.127.19 62713 (AS-PUBMATIC)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 1 202.241.208.53 4694 (IDCF IDC ...)
5 8 185.86.139.104 201081 (SMARTADSE...)
1 1 2600:9000:211... 16509 (AMAZON-02)
1 54.247.40.125 16509 (AMAZON-02)
1 1 141.95.32.72 16276 (OVH)
1 34.199.0.42 14618 (AMAZON-AES)
2 2606:4700:e4:... 13335 (CLOUDFLAR...)
3 4 157.90.211.246 24940 (HETZNER-AS)
3 10 185.64.190.80 62713 (AS-PUBMATIC)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 44.209.220.96 14618 (AMAZON-AES)
4 185.64.190.81 62713 (AS-PUBMATIC)
2 2 8.2.108.175 46636 (NATCOWEB)
1 1 37.157.2.234 198622 (ADFORM)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
4 34.120.195.249 396982 (GOOGLE-CL...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 35.214.159.146 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 146.59.148.16 16276 (OVH)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 72.251.241.196 32475 (SINGLEHOP...)
2 2 213.155.156.166 1299 (TWELVE99 ...)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 35.186.154.107 396982 (GOOGLE-CL...)
1 1 141.95.171.141 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 162.55.120.196 ()
720 146
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
11    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
7    162.210.196.208 (Fairfax, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
4    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
15    2400:52e0:1e00::1077:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.unibotscdn.com
2    2a02:26f0:3500:12::1730:17a5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
delivery.adrecover.com
5    2a02:26f0:3500:12::1730:179c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.adpushup.com
41    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
2    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
66    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
6    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
19    52.210.70.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
6    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
9    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    35.158.222.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-222-16.eu-central-1.compute.amazonaws.com
tlx.3lift.com
11    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    18.192.134.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-134-194.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
6    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d-32056384452617586320.ampproject.net
www.gstatic.com
1    2600:9000:223c:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:2250:d200:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
6    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
bddc6028702850c1fb546343868fa55d.safeframe.googlesyndication.com
a988d8e92c02044dc6e85070af069dd5.safeframe.googlesyndication.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2606:4700:e0::ac40:6719 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
4    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
5    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
18    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
adpushup-d.openx.net
u.openx.net
4    2600:1f18:24e6:b901:5b57:3cdc:ce57:409f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
37    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
18    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
27    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
1    85.91.45.43 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5129.casalemedia.com
8    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
6    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
6    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
43    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
9    2a05:d018:d29:3602:2dd:853d:91ea:688e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
14    3.73.109.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-109-228.eu-central-1.compute.amazonaws.com
x.bidswitch.net
7    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    193.135.9.127 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    89.163.240.121 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm46.as.net
cm.adsafety.net
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    172.105.43.230 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-105-43-230.ip.linodeusercontent.com
newsbot.unibots.in
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
15    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
8    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
4    18.200.64.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-64-186.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
r.casalemedia.com
dsum.casalemedia.com
1    2a05:d018:cc3:fe05:68a7:929a:9ab1:3195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal9000.redintelligence.net
16    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
openx2-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
2    3.74.29.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-29-98.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
5    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal90002.redintelligence.net
5    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
hal900027.redintelligence.net
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
vast.aniview.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
3    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
3    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
13    2400:52e0:1e00::722:1 (Germany)

ASN200325 (BUNNYCDN, SI)
stream.unibotscdn.com
3    138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
3    92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:bbe0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.ch
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu
cdn.contentspread.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
2    3.9.22.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
track.webgains.com
1    13.32.99.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-85.fra60.r.cloudfront.net
public.servenobid.com
1    184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    3.213.106.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-106-164.compute-1.amazonaws.com
gov.aniview.com
5    3.221.13.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-13-170.compute-1.amazonaws.com
track1.aniview.com
2    3.122.68.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-68-240.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    52.211.254.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-254-183.eu-west-1.compute.amazonaws.com
g2.gumgum.com
3    81.17.55.108 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:223f:5800:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    44.194.237.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-237-52.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
3    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    34.225.251.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-251-53.compute-1.amazonaws.com
ssp.disqus.com
4    18.184.69.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-69-99.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
4    2.16.238.158 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-158.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
6    34.253.165.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-165-174.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    3.224.91.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-91-154.compute-1.amazonaws.com
rtb.adentifi.com
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
ids.ad.gt
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
9    54.229.162.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
cs.minutemedia-prebid.com
3    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
9    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    52.51.131.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-131-236.eu-west-1.compute.amazonaws.com
ads.avct.cloud
18    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
17    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
3    64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    54.158.197.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-197-157.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.0.248.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-248-85.compute-1.amazonaws.com
sync.ipredictive.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    176.34.208.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-208-209.eu-west-1.compute.amazonaws.com
ad.360yield.com
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    202.241.208.53 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
8    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
sync.smartadserver.com
1    2600:9000:211e:fa00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    54.247.40.125 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    141.95.32.72 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-005.roqad.pl
ws.rqtrk.eu
1    34.199.0.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-0-42.compute-1.amazonaws.com
sync.aniview.com
2    2606:4700:e4::ac40:a923 (United States)

ASN13335 (CLOUDFLARENET, US)
servedby.grouprvn.com
4    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
10    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    44.209.220.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-220-96.compute-1.amazonaws.com
a.audrte.com
4    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    2606:4700:e0::ac40:6d11 (United States)

ASN13335 (CLOUDFLARENET, US)
player.privateserving.com
4    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o4504469071069184.ingest.sentry.io
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    2607:f8b0:4006:807::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.214.159.146 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 146.159.214.35.bc.googleusercontent.com
csync.loopme.me
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    146.59.148.16 (Reims, France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.186.154.107 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    141.95.171.141 (France)

ASN16276 (OVH, FR)
PTR: bixel-7.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
Apex Domain
Subdomains		 Transfer
109 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
bddc6028702850c1fb546343868fa55d.safeframe.googlesyndication.com
a988d8e92c02044dc6e85070af069dd5.safeframe.googlesyndication.com
947 KB
81 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
ad.doubleclick.net — Cisco Umbrella Rank: 175
pubads.g.doubleclick.net — Cisco Umbrella Rank: 433
673 KB
68 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 990
trc.taboola.com — Cisco Umbrella Rank: 629
vidstat.taboola.com — Cisco Umbrella Rank: 2784
il-trc-events.taboola.com — Cisco Umbrella Rank: 21174
images.taboola.com — Cisco Umbrella Rank: 1861
imprammp.taboola.com — Cisco Umbrella Rank: 14777
am-match.taboola.com — Cisco Umbrella Rank: 14969
wf.taboola.com — Cisco Umbrella Rank: 2946
am-vid-events.taboola.com — Cisco Umbrella Rank: 13929
vidstatb.taboola.com — Cisco Umbrella Rank: 4952
sync.taboola.com — Cisco Umbrella Rank: 1046
pips.taboola.com — Cisco Umbrella Rank: 1720
cds.taboola.com — Cisco Umbrella Rank: 1922
am-wf.taboola.com — Cisco Umbrella Rank: 16166
1 MB
49 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 547
image8.pubmatic.com — Cisco Umbrella Rank: 685
simage2.pubmatic.com — Cisco Umbrella Rank: 797
image6.pubmatic.com — Cisco Umbrella Rank: 769
image2.pubmatic.com — Cisco Umbrella Rank: 875
image4.pubmatic.com — Cisco Umbrella Rank: 1183
simage4.pubmatic.com — Cisco Umbrella Rank: 1267
47 KB
32 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 855
fastlane.rubiconproject.com — Cisco Umbrella Rank: 545
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1075
eus.rubiconproject.com — Cisco Umbrella Rank: 588
pixel.rubiconproject.com — Cisco Umbrella Rank: 364
token.rubiconproject.com — Cisco Umbrella Rank: 617
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1144
78 KB
28 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 31338
stream.unibotscdn.com — Cisco Umbrella Rank: 46366
4 MB
27 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11581
as.ad4m.at — Cisco Umbrella Rank: 33567
assets.ad4m.at — Cisco Umbrella Rank: 43002
1 MB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 609
a5129.casalemedia.com — Cisco Umbrella Rank: 513340
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 484
r.casalemedia.com — Cisco Umbrella Rank: 1623
dsum.casalemedia.com — Cisco Umbrella Rank: 1493
31 KB
20 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2420
public.servenobid.com — Cisco Umbrella Rank: 4923
11 KB
19 openx.net
rtb.openx.net — Cisco Umbrella Rank: 782
oajs.openx.net — Cisco Umbrella Rank: 1331
google-bidout-d.openx.net — Cisco Umbrella Rank: 1336
eu-u.openx.net — Cisco Umbrella Rank: 2566
us-u.openx.net — Cisco Umbrella Rank: 481
adpushup-d.openx.net — Cisco Umbrella Rank: 25938
u.openx.net — Cisco Umbrella Rank: 702
4 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1651
usersync.gumgum.com — Cisco Umbrella Rank: 1877
6 KB
18 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 360
5 KB
16 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3135
openx2-match.dotomi.com — Cisco Umbrella Rank: 4956
casale-match.dotomi.com — Cisco Umbrella Rank: 3259
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3617
6 KB
16 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 44744
hal90002.redintelligence.net — Cisco Umbrella Rank: 377934
hal900027.redintelligence.net — Cisco Umbrella Rank: 306431
hal900010.redintelligence.net — Cisco Umbrella Rank: 290141
28 KB
16 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458
ups.analytics.yahoo.com — Cisco Umbrella Rank: 325
7 KB
15 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1133
x.bidswitch.net — Cisco Umbrella Rank: 352
22 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15443
e3.adpushup.com — Cisco Umbrella Rank: 18126
280 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
secure.adnxs.com — Cisco Umbrella Rank: 465
acdn.adnxs.com — Cisco Umbrella Rank: 587
30 KB
11 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 814
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 681
sync.smartadserver.com — Cisco Umbrella Rank: 1347
5 KB
11 aniview.com
vast.aniview.com — Cisco Umbrella Rank: 4539
player.aniview.com — Cisco Umbrella Rank: 1809
gov.aniview.com — Cisco Umbrella Rank: 4084
track1.aniview.com — Cisco Umbrella Rank: 1890
sync.aniview.com — Cisco Umbrella Rank: 1812
261 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
218 KB
10 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 4954
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 4007
6 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1071
s.amazon-adsystem.com — Cisco Umbrella Rank: 320
7 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 784
gum.criteo.com — Cisco Umbrella Rank: 435
mug.criteo.com — Cisco Umbrella Rank: 2707
dis.criteo.com — Cisco Umbrella Rank: 626
18 KB
9 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6760
csync.smilewanted.com — Cisco Umbrella Rank: 2817
static.smilewanted.com — Cisco Umbrella Rank: 10904
17 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 597
dmp.adform.net — Cisco Umbrella Rank: 3398
cm.adform.net — Cisco Umbrella Rank: 1204
4 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
79 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 222
396 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 891
q.clarity.ms — Cisco Umbrella Rank: 8127
22 KB
7 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 510
fonts.googleapis.com — Cisco Umbrella Rank: 45
ajax.googleapis.com — Cisco Umbrella Rank: 366
390 KB
7 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 39006
sync.aralego.com — Cisco Umbrella Rank: 2755
4 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 571
3 KB
6 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 887
ap.lijit.com — Cisco Umbrella Rank: 690
2 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 771
4 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1233
pixel.quantserve.com — Cisco Umbrella Rank: 937
cms.quantserve.com — Cisco Umbrella Rank: 798
11 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 565
3 KB
5 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2412
www.google-analytics.com — Cisco Umbrella Rank: 37
642 B
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 908
569 B
4 sentry.io
o4504469071069184.ingest.sentry.io
903 B
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2664
3 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1859
1 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 548
2 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 562
103 B
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 864
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 800
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 713
1 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 803
2 KB
4 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9198
1009 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
265 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 611
eb2.3lift.com — Cisco Umbrella Rank: 391
1 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 14741
42 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3158
pixel-eu.onaudience.com — Cisco Umbrella Rank: 17917
2 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 765
1005 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 569
3 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 553
2 KB
3 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3092
cs.admanmedia.com — Cisco Umbrella Rank: 1016
542 B
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2339
cs.yellowblue.io — Cisco Umbrella Rank: 2504
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 570
978 B
3 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 90311
114 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18043
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1700
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 817
s.tribalfusion.com — Cisco Umbrella Rank: 1944
2 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 696
cdn.indexww.com — Cisco Umbrella Rank: 1662
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
2 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
73 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1579
sync.teads.tv — Cisco Umbrella Rank: 1339
891 B
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1304
contextual.media.net — Cisco Umbrella Rank: 660
hbx.media.net — Cisco Umbrella Rank: 1248
10 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4161
visitor.omnitagjs.com — Cisco Umbrella Rank: 897
1020 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4837
562 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1182
1 KB
2 privateserving.com
player.privateserving.com — Cisco Umbrella Rank: 30166
167 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 2867
992 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24109
497 B
2 grouprvn.com
servedby.grouprvn.com — Cisco Umbrella Rank: 26343
2 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 688
647 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 734
2 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4854
908 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4442
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 819
2 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2615
1 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 47454
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5535
748 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1116
1 KB
2 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 177820
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 143599
4 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 877
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 489
1 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1120
814 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 795
id5-sync.com — Cisco Umbrella Rank: 411
27 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 334
3 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 736
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 28216
11 KB
1 truffle.bid
matching.truffle.bid
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4240
464 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 29449
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3058
642 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6234
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5935
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1469
283 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2982
308 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2580
555 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3203
439 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 918
225 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1526
553 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3294
352 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 783
547 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1122
836 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 589
765 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1063
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 997
465 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1554
424 B
1 ad.gt
ids.ad.gt — Cisco Umbrella Rank: 1672
187 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1703
367 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1255
35 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1320
522 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1007
625 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1251
465 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1819
160 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 77870
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 73054
442 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 72418
264 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2971
390 B
1 conrad.ch
www.conrad.ch — Cisco Umbrella Rank: 458555
491 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 328
17 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6414
556 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1300
181 B
1 unibots.in
newsbot.unibots.in — Cisco Umbrella Rank: 54856
693 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 357
648 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 21845
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 31713
823 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 24348
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1496
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1677
2 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1176
633 B
1 ampproject.net
d-32056384452617586320.ampproject.net
1 bg3.co
www.bg3.co — Cisco Umbrella Rank: 664518
static.bg3.co Failed
17 KB
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
720 138
Domain Requested by
66 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
cdn.adpushup.com
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
imasdk.googleapis.com
www.googletagservices.com
43 cm.g.doubleclick.net 17 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
eus.rubiconproject.com
www.bg3.co
g2.gumgum.com
37 tpc.googlesyndication.com www.bg3.co
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
19 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
cs-rtb.minutemedia-prebid.com
g2.gumgum.com
eus.rubiconproject.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
18 simage2.pubmatic.com 3 redirects cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
public.servenobid.com
18 googleads.g.doubleclick.net www.bg3.co
cdn.adpushup.com
pagead2.googlesyndication.com
cdn.ampproject.org
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
googleads.g.doubleclick.net
18 match.adsrvr.org www.bg3.co
eus.rubiconproject.com
google-bidout-d.openx.net
imprammp.taboola.com
am-match.taboola.com
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
cdn.adpushup.com
g2.gumgum.com
csync.smilewanted.com
ads.pubmatic.com
public.servenobid.com
17 usersync.gumgum.com 1 redirects g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
16 il-trc-events.taboola.com www.bg3.co
16 cdn.taboola.com www.bg3.co
cdn.taboola.com
15 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
14 x.bidswitch.net 13 redirects imprammp.taboola.com
14 images.taboola.com www.bg3.co
13 stream.unibotscdn.com cdn.unibotscdn.com
12 assets.ad4m.at as.ad4m.at
12 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
g2.gumgum.com
11 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
cdn.aralego.net
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 image2.pubmatic.com 3 redirects ads.pubmatic.com
public.servenobid.com
10 pubmatic-match.dotomi.com 10 redirects
9 image8.pubmatic.com 9 redirects
9 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
eus.rubiconproject.com
9 pr-bh.ybp.yahoo.com 3 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
adpushup-d.openx.net
ads.pubmatic.com
9 ad4m.at cdn.adpushup.com
www.bg3.co
ad4m.at
as.ad4m.at
8 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
8 us-u.openx.net 2 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
adpushup-d.openx.net
8 pixel.rubiconproject.com 6 redirects eus.rubiconproject.com
8 ib.adnxs.com 4 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
8 e3.adpushup.com www.bg3.co
7 ups.analytics.yahoo.com 5 redirects am-match.taboola.com
7 www.googletagservices.com www.bg3.co
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 pubads.g.doubleclick.net imasdk.googleapis.com
6 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
6 match.prod.bidr.io 5 redirects ssum-sec.casalemedia.com
6 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
6 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
6 ssum-sec.casalemedia.com 1 redirects www.bg3.co
ssum-sec.casalemedia.com
js-sec.indexww.com
public.servenobid.com
6 aax-eu.amazon-adsystem.com 3 redirects google-bidout-d.openx.net
eus.rubiconproject.com
ads.pubmatic.com
6 onetag-sys.com 1 redirects cdn.adpushup.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 track1.aniview.com www.bg3.co
player.aniview.com
5 hal900027.redintelligence.net 1 redirects fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
hal900027.redintelligence.net
5 hal90002.redintelligence.net 1 redirects fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
hal90002.redintelligence.net
5 c1.adform.net 4 redirects ads.pubmatic.com
5 q.clarity.ms www.clarity.ms
5 secure-assets.rubiconproject.com 5 redirects
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
5 prebid.a-mo.net 3 redirects cdn.adpushup.com
5 rtb.openx.net 1 redirects cdn.adpushup.com
adpushup-d.openx.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 o4504469071069184.ingest.sentry.io player.privateserving.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
4 match.sharethrough.com public.servenobid.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
csync.smilewanted.com
4 ad.turn.com 4 redirects
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 cms.quantserve.com 3 redirects googleads.g.doubleclick.net
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 www.gstatic.com www.bg3.co
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 http-intake.logs.datadoghq.com cdn.adpushup.com
4 fonts.googleapis.com cdn.taboola.com
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
4 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
4 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
cdn.unibotscdn.com
www.googletagmanager.com
4 fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 sync.aralego.com 2 redirects ads.aralego.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 simage4.pubmatic.com ads.pubmatic.com
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 bh.contextweb.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
3 ce.lijit.com 2 redirects public.servenobid.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 creativecdn.com 3 redirects
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 cdn.contentspread.net hal900027.redintelligence.net
hal90002.redintelligence.net
hal900010.redintelligence.net
3 www.awin1.com 1 redirects as.ad4m.at
3 hal900010.redintelligence.net hal9000.redintelligence.net
hal900010.redintelligence.net
3 dis.criteo.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 hal9000.redintelligence.net fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
googleads.g.doubleclick.net
3 pixel-sync.sitescout.com 3 redirects
3 secure.adnxs.com 3 redirects
3 am-vid-events.taboola.com www.bg3.co
vidstat.taboola.com
3 static.criteo.net securepubads.g.doubleclick.net
cdn.adpushup.com
static.criteo.net
3 trc.taboola.com cdn.taboola.com
3 htlb.casalemedia.com cdn.adpushup.com
3 ads.aralego.com 1 redirects ads.aralego.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 uipglob.semasio.net 1 redirects public.servenobid.com
2 am-wf.taboola.com vidstat.taboola.com
2 csi.gstatic.com imasdk.googleapis.com
2 player.privateserving.com player.aniview.com
2 us.ck-ie.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 sync.smartadserver.com 2 redirects
2 servedby.grouprvn.com player.aniview.com
2 ad.360yield.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 ads.avct.cloud 2 redirects
2 cs.admanmedia.com cs-rtb.minutemedia-prebid.com
g2.gumgum.com
2 visitor.omnitagjs.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 p.rfihub.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 a.sportradarserving.com 2 redirects
2 ad.doubleclick.net 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 track.webgains.com as.ad4m.at
2 player.aniview.com vidstat.taboola.com
2 pool.admedo.com 2 redirects
2 sync.mathtag.com 2 redirects
2 vast.aniview.com vidstat.taboola.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 js-sec.indexww.com ssum-sec.casalemedia.com
cdn.adpushup.com
2 pixel.tapad.com 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 www.clarity.ms www.bg3.co
www.clarity.ms
2 oajs.openx.net 1 redirects www.bg3.co
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 prebid.smilewanted.com cdn.adpushup.com
2 cdn.jsdelivr.net cdn.adpushup.com
securepubads.g.doubleclick.net
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 matching.truffle.bid ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com public.servenobid.com
1 csync.loopme.me 1 redirects
1 t.adx.opera.com 1 redirects
1 cm.adform.net 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 sync.aniview.com www.bg3.co
1 ws.rqtrk.eu 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 s.ad.smaato.net 1 redirects
1 tg.socdm.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 u.openx.net 1 redirects
1 s.company-target.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ids.ad.gt 1 redirects
1 dmp.brand-display.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 sync.admanmedia.com 1 redirects
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 gov.aniview.com player.aniview.com
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 inv-nets.admixer.net 1 redirects
1 contextual.media.net cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 cds.taboola.com cdn.taboola.com
1 ajax.googleapis.com hal900027.redintelligence.net
1 www.conrad.ch as.ad4m.at
1 pips.taboola.com cdn.taboola.com
1 s0.2mdn.net imasdk.googleapis.com
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 static-de.ad4mat.net as.ad4m.at
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 sync.taboola.com am-match.taboola.com
1 vidstatb.taboola.com www.bg3.co
1 d.adroll.com ssum-sec.casalemedia.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 a988d8e92c02044dc6e85070af069dd5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 newsbot.unibots.in cdn.unibotscdn.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 bddc6028702850c1fb546343868fa55d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 eu-u.openx.net google-bidout-d.openx.net
1 a5129.casalemedia.com cdn.adpushup.com
1 imprammp.taboola.com vidstat.taboola.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 www.google-analytics.com www.bg3.co
1 stats.g.doubleclick.net cdn.ampproject.org
1 mug.criteo.com www.bg3.co
1 id5-sync.com cdn.id5-sync.com
1 amp.analytics-debugger.com cdn.ampproject.org
1 pixel.quantserve.com www.bg3.co
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 d-32056384452617586320.ampproject.net cdn.ampproject.org
1 bidder.criteo.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 www.bg3.co
0 ads.betweendigital.com Failed cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
0 static.bg3.co Failed www.bg3.co
720 237
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cdn.unibotscdn.com
R3		 2023-07-18 -
2023-10-16		 3 months crt.sh
cdn.adpushup.com
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-07-05 -
2023-10-03		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
quantserve.com
R3		 2023-08-12 -
2023-11-10		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
cricket.unibots.in
R3		 2023-06-22 -
2023-09-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.aniview.com
GeoTrust TLS RSA CA G1		 2023-07-15 -
2024-08-14		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-08-06 -
2023-11-04		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
contentspread.net
R3		 2023-08-24 -
2023-11-22		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
grouprvn.com
GTS CA 1P5		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
privateserving.com
GTS CA 1P5		 2023-08-03 -
2023-11-01		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-08-24		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 133 frames:

Primary Page: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Frame ID: 148522F8EB3F7B5E44BC0E7DD3CAD92B
Requests: 241 HTTP requests in this frame

Frame: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 094143591FABEE97AE509AECA84AC14F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Frame ID: 7D072F7E25C3611877C07EF24161EF77
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 99F3080F28489EC4EE218490046280C5
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 6B0416392C4D214C2CA84146689FDAAC
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 044F55A7FC730A3CA73EF955021BE298
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 6760E9CFD52EAD604F668322D6EF8ED1
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: A4E0341A3C1BF4532ED76FAD6DAB8902
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 7A93F0EE2C5368AB5F543C5A404C6A24
Requests: 11 HTTP requests in this frame

Frame: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1BCD81F771B6FD627D70E23A3FEC901A
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 6F5A8E88D3416D2E0EFAE2E0FE614ED5
Requests: 6 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&cmcv=&pix=undefined&cb=1693358483555&uv=3322&tms=1693358483555&abt=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b148de1-b485-42e3-b149-9de81b4266df&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 5C4F461EDDAD7D873A6AAC3C6572E54E
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 42B92B4A2767C77388FC53CD12F6E983
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1A853EFC228980A4D84FE728E81E39F0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 67F8EE00DE9A60361E94F512A534997F
Requests: 2 HTTP requests in this frame

Frame: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3E79CB7655A498615EC789B2F617924
Requests: 16 HTTP requests in this frame

Frame: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4467F4DF2C84CBF4290A6B68CD023C81
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNU2j9WDm-kx0Vb4tdO1g_n3zOSmfUU4KKt4EGOiiqd67if5OnFzC6yB2P5M4Xk8VezZbJHCdJUuS8cXxDx2EhPyy5zU8g
Frame ID: B99EFFEB3D305667E6C7C68603702777
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 472828CAE0E268DA7A723DC2A38E7EC9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: E2885E812A00521648033B9452321C2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 940733C347FF238BDC6C68E3DAB15362
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1097949119731979318&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3333&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358482986&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1045&dtd=16&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 37147DA3D288E591149BC5D6A4BF89DB
Requests: 1 HTTP requests in this frame

Frame: https://bddc6028702850c1fb546343868fa55d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A05AC1076BC828898EF80DE7480BB9E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNVDCs-tXlQjLwUVkipM7papIjG9wCBtMj3uHaClRo6eeLOAo6NGkhXkhiInGQGIEauGoDsryB-hE8_Iuel6gFbcGiSRXQjt7-ioKO4-uMyvk2uzyKneMujL_dz8Drp9Tc72vG9vUv_sE0ogU3VoxseUwTI6ST7Xu2xLeTyj4RxRuHe54kWspPHhL2NEIRhJ04tWIsVt0AXnyqvjhovoD4RX9VXssA
Frame ID: 13E62E241645C69876B7335C88DF8A45
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU4_cnJEpbBmMzv3xIL2Sda1xCcwzH1T7JOC0FlKKZC7y2r2ktv83rAp0SwKJvQUsktFGcihvpga8_ubWo-mXtB3obvUqYQ_DUbvFF5jq3vNLXkwFd0qTlQbeTMjag_4-IeZzXatCs6_KH69wPsIAEx1pW_LIpHZhIP2jiC9CU2ygqoBc4CW2mgcRHtK3pBNP6NaSTUEve2aiKBTlwQ6Jwsj7-_uA
Frame ID: 99EFE4EED513C3687AC61297D58485C6
Requests: 5 HTTP requests in this frame

Frame: https://a988d8e92c02044dc6e85070af069dd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6DC5542F406E79CCA4F34C3D902DB3C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Frame ID: 80CBD902ADE07F352E0BBD8843666F84
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Frame ID: FAB01C676914F546EE76E87CB066B8B4
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Frame ID: 2E9DED9102E3F0363E0CDDBF74944758
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jgvw9p13k5gvcq8q76dgn2076mns0hpqngn735vm9h5znge5cdew47rw0feh6bseam2f8ygcjr6cewzhtv5geq8ft6gm3hcg53h6kqs67y2ema6x0mdsbjb953hcs1pectez2632b8t2dp87tq5nbkfmjvc98z1e9h0z026smktb5qws35dmnzzp5s74jtjthdpe30e49dsg587rx9enc3py6bwa8vzm2zav2fgk1bvwkszvhpa4yxw8svppp1f4n4t3htp4vg7hm13th7ajev213dahz5wq69ym9azjh707zzb6ahypja4ew0zmb00fhxdcmz8mnbdxrf36brv1e5kjr8ejpc54etj40a4t9rs5dvpwdbk056vkkg8w2bkx1qrmx8mwnn7vppwbd0tjcmtjd1jp2p4gaahzvxpg5tj7vsjap4kdqm086anxjha8s4wv48t03ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%26client%3Dca-pub-3216231935713038%26adurl%3D
Frame ID: 4C878F919AA42A13FECD00DA336C4CD3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: 32FB44A238EECE7B726EC127DDBF768B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E9BE0C8EFFC9CB36496E1F214B91300
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 33B960C95612CA02C18AFEFC4F92471D
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7144F3096770B83E534AD9598C6ABD70
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: 45993EEFBC7CA578DAFBF1437E5C0780
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNV9DUJLuncVot0SbAf7sQzx5yepuViSGTfIIbCEcYOiqk8kxrJ74LvnQbFBQxjyT_xxize6ZMqq8auTQwGDnl3H-y_HHnqR4QSG7BeqerDubd9bzLry8u55LQcyGlyZRLYm9QPFCjtyCY6XLa_DyOiVYWuz55FH3O_fcZYvLWz6ikHcmIc
Frame ID: DAB7E82AA08C9BAE5E8E2B43E6A0CAA5
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0CA7366BDE14954A58503EE9241C006D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 393EAC5299F945B4332B8D11971B3F2F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F218F2E0D70A28AB180EA0950D549EFD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 75B39E33BCEDDA6CF350D64C5112089F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A9D46F61FC766CF33B31F855277C9540
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E56132388317CCA02EBDDB6BAD89025B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2DD6EFDF0FAD2209D6659CFB40E47FDF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D30CC30F9A6DE60F4F43142168BAC2D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 87EE2E928F523FED8442192A55F9075F
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F47C86C809888EE7AF296FB3368FCCFF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Frame ID: 1CABB4AFE5C9F340CD83A00625320704
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 04F4BA1F0E63B432685D1E13B8040DDC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 403F5C74C5B27188D213C9B8E4217C74
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Frame ID: 333A8D2FD823A05493719F406F7BFBDE
Requests: 11 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=77442200005636504445002012432027&a=f48cb19b
Frame ID: B93DE96F28CB1CFF807F18B5FE7FA890
Requests: 6 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=99267200007424204444982012432002&a=6e744d5e
Frame ID: 49919957D2560640F377D0B070352BA6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: B9A19EAB2DEB5CF6117814BB76123C80
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Frame ID: EC635D53C6E71E14F03BED496135332B
Requests: 3 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=31922200007015704444994012432010&a=b00ace23
Frame ID: F1B154F774B69A4ABF17D6B7794C7880
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0B9682303F5F85F65ECBC3F0A2700D9
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BB1BF8CA1C86D3DCBF908470D1BCE273
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EEA532B89ACDC8978581474239ECC3E8
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 0ED1F11EFD869694E08AB77267F87F5C
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 8733236168ABC1ABA398A6B1BFEB9A2D
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1693358482734
Frame ID: 64421C000B13E4B3151B608F9C3FDCA0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F93D24C2D53A4E278CCB8EA8782EA94F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CCA617A5C5602A2A834235642E0E1428
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 947D26ECC54C81C4F0782768B92B7091
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 98332D922799D9A92B7A392EAB468A87
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: AB205158B3C3B13A56E85CF026899EC5
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EA3FA10D01BB0DE7E4437AC7A0F812C2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 27D0C09CEEEE186CEFB4EE851D186981
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Frame ID: 1AE91B18C7BA1B461DE1A1445A1DDA16
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7B8C9E14E162FD0FC59374D58103D6BA
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 972BACDF7500F5EB1D9EBFFDBC8BBB4F
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: C1A2FB9D8509C52DC829313AE5A064C7
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 1B890C3EDCB67DCD1E544504E787A5B6
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: E6C70D97FC0FE713106D7BB30CFEC61B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: EDBC3392A3243E3D5B1BFB33814B8D79
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: FCDC395B39771DD35D728A023DB6627C
Requests: 18 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: D3181FE02B3AC8263FE32B82EE55829E
Requests: 14 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 8DAAF6CD985E06AE7E26811FD68F3404
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: AC5298C55F69311B3A2CB1BBD03E6458
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Frame ID: F27CE234D41EE497CFF41E93688632AA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Frame ID: D32E57E469927EEB95601104520B4DA3
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZO6ZlAAMXlM9EQA_&gdpr=0&gdpr_consent=
Frame ID: EFB601F12373342B2033BA6140BAF716
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kNTBkMzk5MC0xMzVmLTQyMjMtOWRmNy0zMDMzNDc2NTBkM2Q=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 4C5DDF9EA86DC3C804DCB5DD6D344076
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 03F6AFA6D963A0FF21927E4B15BF5A31
Requests: 9 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: EDEAAE8486FEEC2E2D4BE5E49F9547AF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZO6Zl8Co5ssAAHoOgbMAAAAA
Frame ID: 2969A48BF754D5C3DCF295117079CBFC
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_d50d3990-135f-4223-9df7-303347650d3d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 5FC013284E65ECE272BA6708FC615017
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=gYY10mNslvInZx0lhCEs&pi=gumgum
Frame ID: E6219B463DA05137EC970356C5097F79
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 1E4A770C94BD3BC501DE12DA98ABA33A
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 15167CC6B91EAFC4D004ABFC198AC0A3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 4C522ED9F25892B1215E5C2542921AFF
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693358486888-945078940339-001601-011-001831&biddername=105&pid=6444c646246df090c706ac34&key=&gdpr=1
Frame ID: 5973587F0AD8AA89E22E06808D4DB91D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 023749E96E738D2F76C01DA080240A5F
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1423789398647959843
Frame ID: 9AF677FA7A2EA149BD955AD81A03BA75
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7217811612
Frame ID: 99CCA77D75E1D356B695E3287E6AFDAF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8C7E0B7608575C46CEAAEF50DBAAE45
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AEC1657FF5F668A8046F290BF9E88FD
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIg52L8bm5swNxbPWLAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Frame ID: 1205EFBB20BA43CEA259A5F10AA4045A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=452BFA12-A165-423B-BCCD-1571C17A1756&redir=true&gdpr=0&gdpr_consent=
Frame ID: F12A679F9E7277638FE92EFFD7A9C1CE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM4xNTwKqzCgMdMLLuAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Frame ID: B8FD2227973975C5070091F279FE1925
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=452BFA12-A165-423B-BCCD-1571C17A1756
Frame ID: 3C0DC183F7CFB5D5347B8C3ABF5A65ED
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Frame ID: D6A44FB14FFE8A2E2CCDF8D4D85FF11C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/d6c9abc3df939590fad0813ae57572b3a7b0928cd33f4c5b5c655de373df2980
Frame ID: 47FE3BD6B2E2E2865011193D38DD9598
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/7276866640929803979
Frame ID: E83BBE773C3129C1842095CFD4A5BBCF
Requests: 1 HTTP requests in this frame

Frame: https://player.privateserving.com/fa_v_x11.js
Frame ID: FC590AB68EC9C1B342DF148F9A597854
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/abf3186358d318c95338632f8f395184?gdpr_consent=&gdpr=0
Frame ID: 89143C6035AB2CC35AFAC6C0C0AD91A4
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 83558041714700526E386C3ED9B90497
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/cdbfa5b5be126547759d5aeeded4da2d1cd2c86b531da33917655bdcd24b272b
Frame ID: 36C85AEBA6B91E69DDFE2258C6880A69
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Frame ID: E56F1144D626D6E454482A2D20FBD33C
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
Frame ID: C25C7BCA8C485EA6520295D5ACE5435A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4853856628407888645&gdpr=0&gdpr_consent=
Frame ID: 64B6CD0AE9AF8F3AE9FEFEB9AC05C418
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272919313479891102&gdpr=0&gdpr_consent=
Frame ID: 52BEDAD975A046FCB33E03182D74DAAE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lOQXhs0cXNx4ptEjnHCGvbAKa-4&gdpr=0&gdpr_consent=
Frame ID: 9AA197DEA662F9BAF9502EA06BA5E3A4
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 37398F6034888696555D598A27DA96A8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc02c09529f8c4753bd0a8a2df37cd09a
Frame ID: 62B4B46187BAB7928089595F7EAAFFB6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 5A2459C242C8B4B1C1301CA7E7163318
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWc07J3TMAACV-AnxsBQ&gdpr=0&gdpr_consent=
Frame ID: E27A24F65B6B71A86A3D8C85B7C030CB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724966456893
Frame ID: D96AA18DDA81D8F7E1D4709650AD53DE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=452BFA12-A165-423B-BCCD-1571C17A1756
Frame ID: E93063E06EA540E36B5F324ABCE30F99
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
Frame ID: 2813907A85F642ABC3B346BA9649A582
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 499779CC82BD7EEBB636C116A78B1563
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8996300839723427136
Frame ID: 20464F2028884468DBD81A1BF7F844A9
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 406FF671539C0A9046199D10F5B4A339
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: C82CE03930363B2702BCD66EC4BA2830
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=juuxb1tts5qe
Frame ID: 86DD3CEEEF08C3FF3C45223C32F60B52
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D0295DDAF5286EAFF579AD45D7014401
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaRRbaXVQVjWXbSYa&gdpr=0&gdpr_consent=
Frame ID: DF34E1860A55B8907AB56A101CD80E36
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=452BFA12-A165-423B-BCCD-1571C17A1756
Frame ID: 9A5479B2875CF154CB33DD35AB5821D6
Requests: 1 HTTP requests in this frame

Frame: https://player.privateserving.com/fa_v_x11.js
Frame ID: 890C0BB3DBF30FCDF7100F67FCDA6134
Requests: 4 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C71F3572274061418AB32419EFD9E75A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6350637498
Frame ID: 3D53DD0C3AAC4AFFCB0CC66AF9AB26AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0197E0FE5B9F4CF0AF00A0E1A4D91CFE&gdpr=0&gdpr_consent=
Frame ID: 3E72DD6EEAB3DD6628656D3E699C7CD0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=452BFA12-A165-423B-BCCD-1571C17A1756
Frame ID: ED497A4D247470B09716FDE2ADEAD5FE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

炸雞好香!小姐姐肩膀「出現大牛頭」 拉扯手臂:給我吃啦~ - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

720
Requests

79 %
HTTPS

28 %
IPv6

138
Domains

237
Subdomains

146
IPs

17
Countries

10306 kB
Transfer

22579 kB
Size

209
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 105
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&rid=esp&cc=1
Request Chain 112
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=SxKA_nx2RXc4RVBOMkFJMXlpekJwY1l1U0traG5qeVBRVS9wZGMyOXhXMGVDYUJuZzZ2TmtiazJpTk1sZVorSE95L3gvNUhhalYwMWtENlMrZFZTWFIxTVVkbUI0dy9QMGZBc2drazR1cXR1Qmp2YjNCcUZ3UE5SME9nMWppcmYrTnhlQ1pXNW12a3hBZzRyYXA5QnJ3NWRUUCs0TlpWN05FNVlZQXlEYUZpdThWM05KMXJmcjdlOWp0Ulo1Rk5yMDlzVjNTNFVSV2R2ME9WdElVNTNpNnZyQlBDTU1zeGl1QmNwSFVVejFaQWlDdkJNTXpsYUk3WVc3a2pDZ1JVSlp1cjRhV2pKd2dNaTlrY1ZDZVM0UWVxTVN6dz09fA&cppv=2
Request Chain 134
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 135
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 138
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 211
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLX1X3HM-1Y-4NY6 HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLX1X3HM-1Y-4NY6 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 216
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7276866640929803979
Request Chain 217
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=45f54819-9007-c2d3-14c9-38e7ccd8af96 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=45f54819-9007-c2d3-14c9-38e7ccd8af96&dcc=t
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHf4o5mGRbu1Z4gHbGdiyUc&google_cver=1
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEHHbe6zKuDNByYCWPPD3-j4&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEHHbe6zKuDNByYCWPPD3-j4&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=ae39be9ba178246f8eca2757e8d4fe6f&uid=ae39be9ba178246f8eca2757e8d4fe6f&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 233
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OlwsMAf2SL9oC3i-1Hq1Dsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WzrFge9E2oLz9j_0XBJB5H3ZgpLWk3vBOVJ7.Q--~A
Request Chain 235
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=EzXcGjkdQ266soBqHam75w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EzXcGjkdQ266soBqHam75w
Request Chain 236
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhmMGY5YzM0Yzk5ZjM3ZjkzYzM5YzliM2M1MzZhMjNmYzY2YjM5YQ
Request Chain 237
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMUBLV5-5cr_IMC_klMlrlw&google_cver=1
Request Chain 238
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExYMVgzSE0tMVktNE5ZNg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELqi33fuQ5YSrsu7eh60xUI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExYMVgzSE0tMVktNE5ZNg==&google_push=
Request Chain 239
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5dNCQiUMR6iRILgc9cJ0yQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5dNCQiUMR6iRILgc9cJ0yQ
Request Chain 240
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLX1X3HM-1Y-4NY6
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECcNKhKiITFahf54s8FYz80&google_cver=1
Request Chain 264
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO6Zk-k6rGJK08KKXgKetwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECcNKhKiITFahf54s8FYz80&google_cver=1
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ21WpPz7otARf9ENOi7qHU&google_cver=1
Request Chain 266
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1Mzg1NjYyODQwNzg4ODY0NQ%3D%3D
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHf4o5mGRbu1Z4gHbGdiyUc&google_cver=1
Request Chain 268
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzE0Y2U3YWUtNDVkYS0yNzhkLWMxMjctZTBjOTZlMDlhYTE2
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEMz-zjcOtU-2MAQHPziOJsg&google_cver=1
Request Chain 270
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTZlMTc4MTMtMzIxYy00Njg0LWI5YjYtYjM1ZTZmNGFiN2Vm
Request Chain 273
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIqUHn9d3u6rwQ-bM5cXCe8&google_cver=1
Request Chain 308
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4853856628407888645
Request Chain 309
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253De1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253De1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3De1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3De1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=
Request Chain 311
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZO6ZlAAMXlM9EQA_ HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZO6ZlAAMXlM9EQA_&_test=ZO6ZlAAMXlM9EQA_
Request Chain 312
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB
Request Chain 330
  • https://pr-bh.ybp.yahoo.com/sync/taboola/b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wxglWCpE2oSseuAnDCKquyJoEaO8sAlTbiLRqw--~A
Request Chain 342
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHHko2Pks1slcoEK1lBfyZo&google_cver=1&google_push=AXcoOmRrX5ilZsQBO_XreZrd3HpJNcsql-7FLNhgnyzUpaeSBhLIO4VUujh_pJd4mZAchI5cbr7CQK-G0HVh9pEiR7Hw5JxVgRpUQNKI HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3114f4566c6e241c&is_secure=true&networkId=14000&version=1&google_gid=CAESEHHko2Pks1slcoEK1lBfyZo&google_cver=1&google_push=AXcoOmRrX5ilZsQBO_XreZrd3HpJNcsql-7FLNhgnyzUpaeSBhLIO4VUujh_pJd4mZAchI5cbr7CQK-G0HVh9pEiR7Hw5JxVgRpUQNKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIOsjnu-fakQMxUy0OAAAAAAA&expiration=1693444884&google_cver=1&is_secure=true&google_gid=CAESEHHko2Pks1slcoEK1lBfyZo&google_push=AXcoOmRrX5ilZsQBO_XreZrd3HpJNcsql-7FLNhgnyzUpaeSBhLIO4VUujh_pJd4mZAchI5cbr7CQK-G0HVh9pEiR7Hw5JxVgRpUQNKI
Request Chain 343
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAcx9-UF25lWZ5fZ48wsxN0&google_cver=1&google_push=AXcoOmRPxJZf72l9mpAJBNa--Pkg3Z4FPKVJsQApkH5t2xowCBF7jWGprJ_pUBfSk0i3D82NVt3wwTbb47L10fybuMDUPUmt2PL4cq7M HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAcx9-UF25lWZ5fZ48wsxN0&google_cver=1&google_push=AXcoOmRPxJZf72l9mpAJBNa--Pkg3Z4FPKVJsQApkH5t2xowCBF7jWGprJ_pUBfSk0i3D82NVt3wwTbb47L10fybuMDUPUmt2PL4cq7M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SG9yWVluc3QxUUI5VEM1&google_gid=CAESEAcx9-UF25lWZ5fZ48wsxN0&google_cver=1&google_push=AXcoOmRPxJZf72l9mpAJBNa--Pkg3Z4FPKVJsQApkH5t2xowCBF7jWGprJ_pUBfSk0i3D82NVt3wwTbb47L10fybuMDUPUmt2PL4cq7M
Request Chain 344
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELhxBHDK9NzHb61N1DRW52Q&google_cver=1&google_push=AXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIWP17gs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIWP17gs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELhxBHDK9NzHb61N1DRW52Q&google_cver=1&google_push=AXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIWP17gs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIWP17gs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 346
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOlC8JzRf5MgTr0DmmHrgC0&google_cver=1&google_push=AXcoOmSxJeMXHmSLZqLAFzSvPxXU3ubMpHvTEWhlhUsH_FC1LVqcmLP5oSbtl3BnC3NCp0F8M8mKzCFrAv6KQ68fFpE0dVN71Oa6huNH HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tj_alYpYSxaVB-AeN1qjIg2&google_push=AXcoOmSxJeMXHmSLZqLAFzSvPxXU3ubMpHvTEWhlhUsH_FC1LVqcmLP5oSbtl3BnC3NCp0F8M8mKzCFrAv6KQ68fFpE0dVN71Oa6huNH
Request Chain 347
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDRIoAJUe-SlJTOYzRkJ9xI&google_cver=1&google_push=AXcoOmT_qQMuoNF-b5MNMyf8Wm4or-a4yZA4XJLHwME9IZ4hf7xJkEWVieWb-WCchrAzmI5MuYL5av-nv_h3AC9WMi8fF_8dlurvyJQd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT_qQMuoNF-b5MNMyf8Wm4or-a4yZA4XJLHwME9IZ4hf7xJkEWVieWb-WCchrAzmI5MuYL5av-nv_h3AC9WMi8fF_8dlurvyJQd
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHZVMhcE9EpC69TaxBr7mDk&google_cver=1
Request Chain 357
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1qajZtZUE5RTJ1SHN2aDNielZCSk12LnlRc0U5UC4wMX5B
Request Chain 362
  • https://hal90002.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=4144e94b79&subid=&uid=156519bba037fe33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGUHbk5nuZL3hAYTB-gaoroa4BKblvaBp_ZCcp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOUBT9BDINRxbYeFiExI7SxDifdWZy-PPgZvgGyQh0xBBZ5BhksdJvG4d_WSzRQh8cGNWw3CGLlblrwQbzZPBOMBj2RZsHX9nzGXHFW5M0ubPvjJRw4xB_hpRMSAfFPeIfgThczbPP9-ZEN4Q4qlTZmALRRUzAJfnIUq9mSJ1yZMCVQNpj_dzHYWZUqeiGLTyaYFgxYdyF1qjPhiQqhlRVxzl3MdtV71VzFeXHq-DAHP_1W9pojE36ZLj7YmLcExOJRg2F0B6aULZ2dvw7foG2JbupK8xhJY5CbhEno8JCYjgK3GN5nCKcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI_fbu9puDgQMVhKDeCh0olwFHEAEYASAAEgKbSvD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_3qBjmdcJrcv07nHHU2D3ocFSg0Bg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CAlBPxsCJ7Kdq3tU_AEhHpd49lhcfITQkQy4poSwwlBP1CRxnCowCUUI1fs9J14-FgUAUbHNZr8mjWhMkX2Z5PZxWZrrgZxG7WHt5rsI8rugTqDd0qDFxviFW1b8nOSsp7nrPlweA8Qj5qE347FKq_zT575dVweRDZEGGaoMaT8Iz2JoA%26cry%3D1%26dbm_d%3DAKAmf-DCzz0H0pjgmy7ngHZCsoSWHI2fDb3H_UqQ4mt0WdAqz9ziQI0gzrjeQCGxKY2akV_EeYxXwW47kEWP7vYXo1Yvg42Im0QXTAKUjnPU1H0gIPNRVmAyERNlRm6eXharkMkA-tUBjXHoozz7zY1CiQb8Krtud1eB9E4VlGpOO-scLDkw7UyKzWLKbULtyu24QjJFacrNOfD65_JdHiHoNAXSM1fY23mACZEP4_LTD2OQTo5FUR8PiQDfytBxgaeIRso7i9HiBqeVvf8LhCz7TRCIapasfjW7-xWRg6nXEkWh1-X-ZnfK3nahxm7gAfO-EPRrC1xJYuIcmb08isfswieArXcd0ZDLLSKI595UPeX6u0THW6rSY5SIvJgIFCaqi4cnt1No0e42o_76z_Tkth1-2wBhp6tJ3bV_-GEvJwLHb-F8XHQhn2vewHtO2si1OesJp6BJIdhocI7lgTh0AjEl2OCaUFeevS9_xiobX9gh83OpP84TgllV9P_La1EO_4szw2nMRlx-zUaCqgqFLmysJSdtk9lgrdl7Khug1LGt94rL9VBr4uBr-1a4yKqQXqCkahVPfDR6IUVk1aSdnNkqm2GnJYy7A5Kd1ppZ1R7pAKOxCeL6-8Zsbtlm89GLKEFwjnnR3Q43Orpep8ZjLwgSphKjeQBvqfYrTzMK_qRwGjCKoyY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7558562466495&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90002.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=4144e94b79&subid=&uid=156519bba037fe33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGUHbk5nuZL3hAYTB-gaoroa4BKblvaBp_ZCcp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOUBT9BDINRxbYeFiExI7SxDifdWZy-PPgZvgGyQh0xBBZ5BhksdJvG4d_WSzRQh8cGNWw3CGLlblrwQbzZPBOMBj2RZsHX9nzGXHFW5M0ubPvjJRw4xB_hpRMSAfFPeIfgThczbPP9-ZEN4Q4qlTZmALRRUzAJfnIUq9mSJ1yZMCVQNpj_dzHYWZUqeiGLTyaYFgxYdyF1qjPhiQqhlRVxzl3MdtV71VzFeXHq-DAHP_1W9pojE36ZLj7YmLcExOJRg2F0B6aULZ2dvw7foG2JbupK8xhJY5CbhEno8JCYjgK3GN5nCKcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI_fbu9puDgQMVhKDeCh0olwFHEAEYASAAEgKbSvD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_3qBjmdcJrcv07nHHU2D3ocFSg0Bg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CAlBPxsCJ7Kdq3tU_AEhHpd49lhcfITQkQy4poSwwlBP1CRxnCowCUUI1fs9J14-FgUAUbHNZr8mjWhMkX2Z5PZxWZrrgZxG7WHt5rsI8rugTqDd0qDFxviFW1b8nOSsp7nrPlweA8Qj5qE347FKq_zT575dVweRDZEGGaoMaT8Iz2JoA%26cry%3D1%26dbm_d%3DAKAmf-DCzz0H0pjgmy7ngHZCsoSWHI2fDb3H_UqQ4mt0WdAqz9ziQI0gzrjeQCGxKY2akV_EeYxXwW47kEWP7vYXo1Yvg42Im0QXTAKUjnPU1H0gIPNRVmAyERNlRm6eXharkMkA-tUBjXHoozz7zY1CiQb8Krtud1eB9E4VlGpOO-scLDkw7UyKzWLKbULtyu24QjJFacrNOfD65_JdHiHoNAXSM1fY23mACZEP4_LTD2OQTo5FUR8PiQDfytBxgaeIRso7i9HiBqeVvf8LhCz7TRCIapasfjW7-xWRg6nXEkWh1-X-ZnfK3nahxm7gAfO-EPRrC1xJYuIcmb08isfswieArXcd0ZDLLSKI595UPeX6u0THW6rSY5SIvJgIFCaqi4cnt1No0e42o_76z_Tkth1-2wBhp6tJ3bV_-GEvJwLHb-F8XHQhn2vewHtO2si1OesJp6BJIdhocI7lgTh0AjEl2OCaUFeevS9_xiobX9gh83OpP84TgllV9P_La1EO_4szw2nMRlx-zUaCqgqFLmysJSdtk9lgrdl7Khug1LGt94rL9VBr4uBr-1a4yKqQXqCkahVPfDR6IUVk1aSdnNkqm2GnJYy7A5Kd1ppZ1R7pAKOxCeL6-8Zsbtlm89GLKEFwjnnR3Q43Orpep8ZjLwgSphKjeQBvqfYrTzMK_qRwGjCKoyY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7558562466495&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 363
  • https://hal900027.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=118ff2abf7&subid=&uid=1a1ff0ec494852d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJfXXk5nuZL7hAYTB-gaoroa4BKblvaBpnZecp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOcBT9BvsAi9NPZxbVONyB6xysaUwYUUUyDf-kUrgKuKx0Fg-ErAQ5DI2RUwQdqVcWZU7bfs6Vfgw2T51cNm6JN9Sd0AhHUENBkcVukP-AW8vxNUwucOe1KJG5GaHsR0S7ve05Qx2BjK67pt1pkHbOvL02qT14gAdK9U__Jh1D2ugns-eRLruZYzGICTj3W4xj2UtoL_zntmP_yorZblY06MEm0Jz--cwYB5M4yXK66qpYmCYODoDvZfBco3T7guAHI_8qaMp43RlRBvyTLy_US-AuaRkj6f3ZY5pWlhVONxl-UhRwDGBjKmwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI_vbu9puDgQMVhKDeCh0olwFHEAEYASAAEgJ2j_D_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_0V_R20uuJeOGv-xV-k2uQ9Mb-jmA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AQsxYW9n1C1UzW5RfjLGadzuWgRsJonvYnsK9nmF35BuoVR-h3__YKtUWUhYfkIbnf7b1G-qeAjsGQ_2jzq0veGU0vIo7EuYkZHYaJhpw_ikJvPwh7sh4CK7AEnEvfOOZ4PPdaHhRTTg_PTYjIMnyZx25Ul1IYpJlCk4AUDXX9hrpYqe4%26cry%3D1%26dbm_d%3DAKAmf-CA4EP-jyzwqR5ySLVOKDDGvYnjLPkKJuTzXBJSOgZ-kIcF3_0gosDG2gp_EL0yubBdAKXOtjXqOkWcFgV4MmCkVfjjj2wgWtu1RGyG3DSkmT8pCyOXviCDTu0DnYpDVu1FA4nZMs834CTzH9OjrkhY5upo8oL96rPk5l2bjSC_5D8UT4B11IrYwYi6KWB8xSWShPFo8pdZBAQb6iDXHquaT9xCq7GcgD9nnfCXnU9bsnUEOy2jnFtO7lHhhVEizFnbWGLGQDdlUFlNOeyqb8ej1sZU1Aps-LOUMJp855g78DzbYpDmjsFxAVdo0Ul0Qwg7AcIbLKoBbGXsJ1ALYdHtL5K5KffNBXM6uidjaazNO0bSIjc2Mqs5muP20rUf85rUZGXKzc-LtLTDc733KSe3SAxOB28xjUFhPDZfzg8tW9_h1zayZt5hFLDiWgArzD8XRQ3W0sGZQf11L2v1WzYsnayM_xi3gLFdXfbMHgUrgu7lEhqP8C5MiUk_VNjGDMqUzd_rK5mnwIT04NlzaiQ1QB9XMpWHxDtXzpQBuOyGM_TxKJbmjmlYiRtIItjWYHB0dt9ObJM0K7Uoupyhe_8D5GGjUmKzfgoWfgVhP09vrSTIeZnh1etvSXizxxf8nRgn7QPCBjwWBAi5QpZLz-taGRDB62ot7KqUU6xNluy5DYL7r7o%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6880939456663&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900027.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=118ff2abf7&subid=&uid=1a1ff0ec494852d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJfXXk5nuZL7hAYTB-gaoroa4BKblvaBpnZecp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOcBT9BvsAi9NPZxbVONyB6xysaUwYUUUyDf-kUrgKuKx0Fg-ErAQ5DI2RUwQdqVcWZU7bfs6Vfgw2T51cNm6JN9Sd0AhHUENBkcVukP-AW8vxNUwucOe1KJG5GaHsR0S7ve05Qx2BjK67pt1pkHbOvL02qT14gAdK9U__Jh1D2ugns-eRLruZYzGICTj3W4xj2UtoL_zntmP_yorZblY06MEm0Jz--cwYB5M4yXK66qpYmCYODoDvZfBco3T7guAHI_8qaMp43RlRBvyTLy_US-AuaRkj6f3ZY5pWlhVONxl-UhRwDGBjKmwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI_vbu9puDgQMVhKDeCh0olwFHEAEYASAAEgJ2j_D_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_0V_R20uuJeOGv-xV-k2uQ9Mb-jmA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AQsxYW9n1C1UzW5RfjLGadzuWgRsJonvYnsK9nmF35BuoVR-h3__YKtUWUhYfkIbnf7b1G-qeAjsGQ_2jzq0veGU0vIo7EuYkZHYaJhpw_ikJvPwh7sh4CK7AEnEvfOOZ4PPdaHhRTTg_PTYjIMnyZx25Ul1IYpJlCk4AUDXX9hrpYqe4%26cry%3D1%26dbm_d%3DAKAmf-CA4EP-jyzwqR5ySLVOKDDGvYnjLPkKJuTzXBJSOgZ-kIcF3_0gosDG2gp_EL0yubBdAKXOtjXqOkWcFgV4MmCkVfjjj2wgWtu1RGyG3DSkmT8pCyOXviCDTu0DnYpDVu1FA4nZMs834CTzH9OjrkhY5upo8oL96rPk5l2bjSC_5D8UT4B11IrYwYi6KWB8xSWShPFo8pdZBAQb6iDXHquaT9xCq7GcgD9nnfCXnU9bsnUEOy2jnFtO7lHhhVEizFnbWGLGQDdlUFlNOeyqb8ej1sZU1Aps-LOUMJp855g78DzbYpDmjsFxAVdo0Ul0Qwg7AcIbLKoBbGXsJ1ALYdHtL5K5KffNBXM6uidjaazNO0bSIjc2Mqs5muP20rUf85rUZGXKzc-LtLTDc733KSe3SAxOB28xjUFhPDZfzg8tW9_h1zayZt5hFLDiWgArzD8XRQ3W0sGZQf11L2v1WzYsnayM_xi3gLFdXfbMHgUrgu7lEhqP8C5MiUk_VNjGDMqUzd_rK5mnwIT04NlzaiQ1QB9XMpWHxDtXzpQBuOyGM_TxKJbmjmlYiRtIItjWYHB0dt9ObJM0K7Uoupyhe_8D5GGjUmKzfgoWfgVhP09vrSTIeZnh1etvSXizxxf8nRgn7QPCBjwWBAi5QpZLz-taGRDB62ot7KqUU6xNluy5DYL7r7o%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6880939456663&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 376
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP_q6z9bZzJySBZkdJvzz2E&google_cver=1&google_push=AXcoOmQv3nEdi5DeR51_x5e_ZP1zEckRsIXwRBg8Vq1JvZdNYRrsKZrVgpj-lBG8Qi0TUmMflGY2gnUYR6UlZWVyXfPuaQD_2qTU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQv3nEdi5DeR51_x5e_ZP1zEckRsIXwRBg8Vq1JvZdNYRrsKZrVgpj-lBG8Qi0TUmMflGY2gnUYR6UlZWVyXfPuaQD_2qTU
Request Chain 377
  • https://um.simpli.fi/gp_match?google_gid=CAESEOKx-Swc3XdugfhLHGvfpgY&google_cver=1&google_push=AXcoOmSVTs7DZWd5FPKwCP8rrsyPMMJg_2FIG2hz28bcpYfd8d41T_CDNEJmm2dB6PWBQVK2JTRPEUE0bZM_tMvqJer5tG3zWhy6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0197E0FE5B9F4CF0AF00A0E1A4D91CFE&google_push=AXcoOmSVTs7DZWd5FPKwCP8rrsyPMMJg_2FIG2hz28bcpYfd8d41T_CDNEJmm2dB6PWBQVK2JTRPEUE0bZM_tMvqJer5tG3zWhy6
Request Chain 378
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN95FU9nop2TI6W0f2VxLPo&google_cver=1&google_push=AXcoOmTqvQoxWY1M08toNud1aYkenuBamAoVFmf4mt1bf96d6aedHQCuxdBMhBGWgaRv3-ieA8uWMq8D8T8m8GhFaubVnlCpTJ84 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkxOTMxMzQ3OTg5MTEwMg%3D%3D&google_push=AXcoOmTqvQoxWY1M08toNud1aYkenuBamAoVFmf4mt1bf96d6aedHQCuxdBMhBGWgaRv3-ieA8uWMq8D8T8m8GhFaubVnlCpTJ84
Request Chain 379
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDj76ZP2GcGrlcrouTwblOI&google_cver=1&google_push=AXcoOmRfNrzZrGzqxip8P-3TiXNgZe7Dqs--03XKTyQqMy5a2nOioCf_t5Yb-k8KljbTdwm8yqJlBRnoqntJ3Mg0GioPTlDsmtRR HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDj76ZP2GcGrlcrouTwblOI&google_cver=1&google_push=AXcoOmRfNrzZrGzqxip8P-3TiXNgZe7Dqs--03XKTyQqMy5a2nOioCf_t5Yb-k8KljbTdwm8yqJlBRnoqntJ3Mg0GioPTlDsmtRR HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fd9c6952-267e-4773-9dfd-6de7d3199520 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fd9c6952-267e-4773-9dfd-6de7d3199520 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=315151df-e50b-4aba-83b5-43d5bbe4c04b&user_group=1&ssp=google&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRfNrzZrGzqxip8P-3TiXNgZe7Dqs--03XKTyQqMy5a2nOioCf_t5Yb-k8KljbTdwm8yqJlBRnoqntJ3Mg0GioPTlDsmtRR&google_hm=_ZxpUiZ-R3Od_W3n0xmVIA==
Request Chain 380
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR1oiLZbMVCHnIyaIO4gXDKs5Rpd8ibhMspFvzxmQbe1hARh3msAHgeWwvp8hrlQFJIpA_4NImDOomcBcvXBU-n2bose34&google_gid=CAESENfsHfGF4cSdSjeaGKfEAFg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-kCH9E9JAq9eNTr6o39pVdEy4WCj5Dt9UkX-YDQ&google_push=AXcoOmR1oiLZbMVCHnIyaIO4gXDKs5Rpd8ibhMspFvzxmQbe1hARh3msAHgeWwvp8hrlQFJIpA_4NImDOomcBcvXBU-n2bose34
Request Chain 389
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 426
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtXoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?awc=11467_412871_1693358485_89c580d0-46d3-11ee-b5a9-2261897cac57&insert=AW&gdpr=0&gdpr_consent=
Request Chain 476
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=7221a60a3350172a&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIg52L8bm5kgMSINUiAAAAAAA&expiration=1693444886&nuid={OX_USER_ID}&is_secure=true
Request Chain 477
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=wnW-WCUrwAcys_bHd_JezA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 479
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3Dfd9c6952-267e-4773-9dfd-6de7d3199520%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=83223b3d94594f1292edf253045c7afd&ssp=openx&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&gdpr_consent=&us_privacy=
Request Chain 480
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=gYY10mNslvInZx0lhCEs&pi=openx&gdpr=0&tc=1
Request Chain 481
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ueUHZrboWzGitQEzt-FPM7vkUzqi4VBh7ulCzesD
Request Chain 488
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLmi1vibg4EDFeyR_QcdgcUHgA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083003212788403301953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023083003212788403301953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Request Chain 495
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP_q6z9bZzJySBZkdJvzz2E&google_cver=1&google_push=AXcoOmRme21LrZbP7T8_9NK0rjr0AZ7Q_gTpAhUk7nhVyqn4wgc_tJ0w3OB_as1xa0JihwIjLPd4ksZ0ty45voIMrmeD3kFoou_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRme21LrZbP7T8_9NK0rjr0AZ7Q_gTpAhUk7nhVyqn4wgc_tJ0w3OB_as1xa0JihwIjLPd4ksZ0ty45voIMrmeD3kFoou_g
Request Chain 496
  • https://um.simpli.fi/gp_match?google_gid=CAESEOKx-Swc3XdugfhLHGvfpgY&google_cver=1&google_push=AXcoOmSWRs2WW5UHrcw1hMNChlV0qA7uWnuNDNnTwGS_0wH4b6j62rxtRDneM7_f7w93YerVKOwF9aMj5kUgGzfYBlK4B_3hueAmSw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0197E0FE5B9F4CF0AF00A0E1A4D91CFE&google_push=AXcoOmSWRs2WW5UHrcw1hMNChlV0qA7uWnuNDNnTwGS_0wH4b6j62rxtRDneM7_f7w93YerVKOwF9aMj5kUgGzfYBlK4B_3hueAmSw
Request Chain 497
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN95FU9nop2TI6W0f2VxLPo&google_cver=1&google_push=AXcoOmSVwI5rbrmrdBt_YVEyFTt_gtzuyrv4aJj_QaMJqFANQxupWB_6E8c_lBS1y43M-XRd6f_Vl7trjakz26qfHFcNBvzFMp5t0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkxOTMxMzQ3OTg5MTEwMg%3D%3D&google_push=AXcoOmSVwI5rbrmrdBt_YVEyFTt_gtzuyrv4aJj_QaMJqFANQxupWB_6E8c_lBS1y43M-XRd6f_Vl7trjakz26qfHFcNBvzFMp5t0g
Request Chain 498
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDj76ZP2GcGrlcrouTwblOI&google_cver=1&google_push=AXcoOmRuptfdIEXYj67xTrTshdxJt-zFLzZaUAG_GM3apfI92o8me-pnxh53B_lg21QDcNNFFdXbtw3PUUlA8L_zHnP2cq83xmBjSQ HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d9985359-ad17-446e-ab5e-a0d38c866935&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRuptfdIEXYj67xTrTshdxJt-zFLzZaUAG_GM3apfI92o8me-pnxh53B_lg21QDcNNFFdXbtw3PUUlA8L_zHnP2cq83xmBjSQ&google_hm=_ZxpUiZ-R3Od_W3n0xmVIA==
Request Chain 499
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTQV2e8YvEDE5RhF_NZZnH5gGrjoKftrwNndXZE8t6qqzcQ5KYtflQO30WaDsvsMTVKscb_1P3iQZBgSB4ZBXEaDjC_dal8&google_gid=CAESENfsHfGF4cSdSjeaGKfEAFg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-kCH9E9JAq9eNTr6o39pVdEy4WCj5Dt9UkX-YDQ&google_push=AXcoOmTQV2e8YvEDE5RhF_NZZnH5gGrjoKftrwNndXZE8t6qqzcQ5KYtflQO30WaDsvsMTVKscb_1P3iQZBgSB4ZBXEaDjC_dal8
Request Chain 507
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 512
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4853856628407888645
Request Chain 513
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HPBxtRZHIDXCHu_cRruJxKnT
Request Chain 515
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1693358486785 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2978263750 HTTP 302
  • https://sync.1rx.io/usersync/turn/3630025452598104057?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7d39f28a-f76f-4b31-a862-b1662b604886-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7d39f28a-f76f-4b31-a862-b1662b604886-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-7d39f28a-f76f-4b31-a862-b1662b604886-003
Request Chain 516
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5142336724966456893
Request Chain 517
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=59bdb483-cf2b-461e-b031-e5e10ecc29dc
Request Chain 518
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 519
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
Request Chain 520
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-5e23333f-ebe6-35a1-aa82-3cb42190cc12&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS01ZTIzMzMzZi1lYmU2LTM1YTEtYWE4Mi0zY2I0MjE5MGNjMTIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01ZTIzMzMzZi1lYmU2LTM1YTEtYWE4Mi0zY2I0MjE5MGNjMTIyAgwYOAE=
Request Chain 521
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
Request Chain 523
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 524
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=4c628fb3-b9fc-443e-af94-33892914ad6c
Request Chain 529
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6945519203272921081
Request Chain 533
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=81e6062d-beb8-ecd6-9bbe4b9c
Request Chain 534
  • https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0ea866kdiceebhhi98ldd7cecg7eeefigiaabackkc2jl
Request Chain 539
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2e56ab9d118c241c&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIOsjnu-fa2QMqvbuxAAAAAAA&expiration=1693444886&is_secure=true
Request Chain 540
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7276866640929803979&expiration=1694568086
Request Chain 541
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709256087&external_user_id=c9fccd07-dd99-47a7-8d8b-5922dbe35aa3
Request Chain 542
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=7dtyf-LWLij2i3Qq4986Ku_aJiP23yV4utdql7r8
Request Chain 543
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3630025452598104057
Request Chain 544
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4853856628407888645
Request Chain 551
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZO6Zk-k6rGJK08KKXgKetwAA%265275
Request Chain 552
  • https://b1sync.zemanta.com/usersync/minutemedia/?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=&ismms2s=1&gdpr=0
Request Chain 553
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Request Chain 555
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1847ad660-f33f-467d-ac5f-a387e4e8ee93
Request Chain 556
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D%26ismms2s%3D1 HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=b194e8a6da97957492dbdd42b6f58015&ismms2s=1
Request Chain 557
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=0&gdpr_consent=%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=1423789398647959843&gdpr=0&gdpr_consent=
Request Chain 559
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1022224445056970700251&ismms2s=1
Request Chain 561
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1&rdf=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f6452273-e691-43e2-ad05-62a81736963e&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 562
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=ZtbkD4oV96sj&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
Request Chain 566
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4853856628407888645
Request Chain 567
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d50d3990-135f-4223-9df7-303347650d3d&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=03cbe419-5a10-4f08-a3f1-4e1e40391e96&ssp=gumgum2&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 568
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28hsRhzCqqAsB9hDkCiM57Sumk6uQz2z7CQhyzfjMgzo2K9FgfsMlJAdKNjTfaIEVV%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28hsRhzCqqAsB9hDkCiM57Sumk6uQz2z7CQhyzfjMgzo2K9FgfsMlJAdKNjTfaIEVV%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_d50d3990-135f-4223-9df7-303347650d3d&obuid=ENC(hsRhzCqqAsB9hDkCiM57Sumk6uQz2z7CQhyzfjMgzo2K9FgfsMlJAdKNjTfaIEVV)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 569
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=ea1e9014-a4b8-417f-b3bc-aa9d6cbb6530
Request Chain 570
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-94e41786-cd1c-5cdc-78a6-d1239c7086bd$ip$176.10.107.238
Request Chain 571
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-8B7uexFE2pdQ3W_L7K06GaY09rTQCpQbefFl~A
Request Chain 572
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=18a86487-cb20-4b9c-96c6-7f1a42396f8a
Request Chain 574
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d50d3990-135f-4223-9df7-303347650d3d&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=fraC2Db-pFpi0kttCvnU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZTSMFBTERDCFVYEM4DJGBVXI5CDOZXFKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZTSMFBTERDCFVYEM4DJGBVXI5CDOZXFKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=fraC2Db-pFpi0kttCvnU&us_privacy=1---
Request Chain 575
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=d6655485-fa8d-4675-9833-12b7fb188aa2
Request Chain 576
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=8MO6e4Qn8OT3&ev=1&pid=558355
Request Chain 577
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1423789398647959843
Request Chain 584
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Request Chain 586
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LLX1X3HM-1Y-4NY6 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LLX1X3HM-1Y-4NY6
Request Chain 587
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZO6ZlAAMXlM9EQA_&gdpr=0&gdpr_consent=
Request Chain 591
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZO6Zl8Co5ssAAHoOgbMAAAAA
Request Chain 593
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=gYY10mNslvInZx0lhCEs&pi=gumgum
Request Chain 594
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 597
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b194e8a6da97957492dbdd42b6f58015&gdpr=0&gdpr_consent=0
Request Chain 598
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1423789398647959843&gdpr=0&gdpr_consent=
Request Chain 599
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTQyMzc4OTM5ODY0Nzk1OTg0Mw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGyxegA6P5m0Z4E4o7eIpOQ&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 600
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=41f9cab5d4
Request Chain 605
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=55574aa0c217b20374af8af86adcfe8&gdpr_consent=&gdpr=0
Request Chain 606
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=452BFA12-A165-423B-BCCD-1571C17A1756
Request Chain 610
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693358486888-945078940339-001601-011-001831%26biddername%3D105%26pid%3D6444c646246df090c706ac34%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693358486888-945078940339-001601-011-001831&biddername=105&pid=6444c646246df090c706ac34&key=&gdpr=1
Request Chain 615
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1 HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1423789398647959843
Request Chain 616
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LLX1X3HM-1Y-4NY6 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLX1X3HM-1Y-4NY6
Request Chain 617
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7217811612
Request Chain 620
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLX1X3HM-1Y-4NY6 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LLX1X3HM-1Y-4NY6
Request Chain 621
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=35efd8a7c6cb241c&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIg52L8bm5swNxbPWLAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 623
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=g2DuLoxtsnmYMOh7jWSme4FhunKYZLkp1Gyew_t2 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1e1b04219ed62446&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM4xNTwKqzCgMdMLLuAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 625
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RSv6EqFlQju8zRVxwXoXVg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 627
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3069703175
Request Chain 628
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=452BFA12-A165-423B-BCCD-1571C17A1756 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MTI1U2QyMGF3T0tROUNzWlhtd1lCZ1RaUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7276866640929803979&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 629
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDUyQkZBMTItQTE2NS00MjNCLUJDQ0QtMTU3MUMxN0ExNzU2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1aa266c7dd217f7&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM1CdzCy7rswNP-MsXAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 630
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBpgsDTDQGcMQ07rMr-L2SQ&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7a220ac0dedd172a&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIOsjnu-fa8QMGM2IrAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 633
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7276866640929803979 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=986429cc1de241c&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM4xNTwKqzDQNwLBRfAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 635
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=452BFA12-A165-423B-BCCD-1571C17A1756&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iX4.gahE2uWVet_8EcIHuXqmcEhTc6k-~A&gdpr=0
Request Chain 639
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/d6c9abc3df939590fad0813ae57572b3a7b0928cd33f4c5b5c655de373df2980
Request Chain 640
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/7276866640929803979
Request Chain 645
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/abf3186358d318c95338632f8f395184?gdpr_consent=&gdpr=0
Request Chain 648
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/cdbfa5b5be126547759d5aeeded4da2d1cd2c86b531da33917655bdcd24b272b
Request Chain 688
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4853856628407888645&gdpr=0&gdpr_consent=
Request Chain 689
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272919313479891102&gdpr=0&gdpr_consent=
Request Chain 690
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lOQXhs0cXNx4ptEjnHCGvbAKa-4&gdpr=0&gdpr_consent=
Request Chain 692
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc02c09529f8c4753bd0a8a2df37cd09a
Request Chain 693
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 694
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDV2MwN0ozVE1BQUNWLUFueHNCUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACWc07J3TMAACV-AnxsBQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1423789398647959843&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACWc07J3TMAACV-AnxsBQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1423789398647959843%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1423789398647959843&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACWc07J3TMAACV-AnxsBQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWc07J3TMAACV-AnxsBQ&gdpr=0&gdpr_consent=
Request Chain 695
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724966456893
Request Chain 698
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=452BFA12-A165-423B-BCCD-1571C17A1756&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=452BFA12-A165-423B-BCCD-1571C17A1756&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 699
  • https://pixel.onaudience.com/?partner=214&mapped=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 700
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3630025452598104057&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 701
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2a77e1b8-abaf-4cdf-a216-d9de91313262&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 703
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
Request Chain 705
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8996300839723427136
Request Chain 708
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=juuxb1tts5qe
Request Chain 710
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0991025d5c421830/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaRRbaXVQVjWXbSYa%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7d78c60d7e4a5b5d9f3bbdf29696888b&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JaRRbaXVQVjWXbSYa%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaRRbaXVQVjWXbSYa&gdpr=0&gdpr_consent=
Request Chain 712
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=
Request Chain 713
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4853856628407888645
Request Chain 731
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6350637498
Request Chain 732
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0197E0FE5B9F4CF0AF00A0E1A4D91CFE&gdpr=0&gdpr_consent=

720 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
www.bg3.co/a/ 		56 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c6c5f2c4a0168792fcaba214f56439972ef30d4cc46de8ec2f172c729ca4ef4e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:21:21 GMT
etag
"e01c-pASJXlddWu13Tdfcg3PxGuxz4V8"
expires
Wed, 30 Aug 2023 01:36:21 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
414b99d0b12ace50c7f9564dc1312dc8dd402eee7f4e21a09c8eb985bae52e80
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72910
x-xss-protection
0
server
sffe
etag
"2a2204830152c287"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Aug 2023 01:21:22 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
785ab3f607af910860161420126772503e70521c4c4f1f9991bf02d458b025a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9642
x-xss-protection
0
server
sffe
etag
"70a38e2739f7f331"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Aug 2023 01:21:22 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b3054cad42c9d6b8c8e8dfb7e976141618f7d080f4820371e089255e41a6be8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7559
x-xss-protection
0
server
sffe
etag
"a03a85f96803d825"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Aug 2023 01:21:22 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9433
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=197sSi2pIbF%2FbSYVphiD1NJKfGmnL2sva3UJzo4wyCAuhbvsz91h8L7Uy5we7TV0Ch9zSF5d96bXtVHEjxXccBqGknYvAeYzKRazpy0o2l2yBYPvBmEAbdWyxscjB%2FaGV74b2fOYJpybheXezA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7fe93773b85fbb1f-MXP

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
player.js
cdn.unibotscdn.com/ubplayer/ 		238 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
e15c4cca57a411ee4af4d2ca12a0c4a26192db407e55fbdd32a3b7af1cc961bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-679
cdn-cachedat
08/28/2023 06:15:28
cdn-pullzone
873945
last-modified
Mon, 28 Aug 2023 06:15:09 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64ec3b6d-3b9ef"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
437c0b15939f3416dd1db3b0e690115e
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
eada67cef809faab179bb42d56042d47c6a205526e110cab1a8f03a585104a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 30 Aug 2023 01:21:22 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Tue, 29 Aug 2023 07:00:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
content-length
10017
expires
Wed, 30 Aug 2023 02:21:22 GMT
adpushup.js
cdn.adpushup.com/42753/ 		657 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9ed8d22b40d30ca76771d14a739c9ef4028fced22e2391f49f6ba43e6851cd79

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 30 Aug 2023 01:21:22 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Tue, 29 Aug 2023 01:02:24 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693358481997_389027484_589562852_107_1263_19_42_146";dur=1
content-length
141192
expires
Wed, 30 Aug 2023 02:21:22 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		452 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f04748c6c1022211f2715efee19aea61fbe787df16e5743e943ac47fd1fe040

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
EmVGI7YCR3_.PeI9pT1INsW34KuNMjjL
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:22 GMT
x-amz-request-id
XAA2N5Q64V4CVABY
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
52568
x-amz-id-2
0GJ+T5VOcEw44ofcSYjbqduau7vKCJ/P45EzVGnmvWIX0YDCuu3Q2FohOx6b5k3BOPK4d+l2qgw=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:49:44 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358482.015538,VS0,VE210
etag
"a75942579c3c67e2c4468fa2e9b6f356"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
vary
Accept-Encoding
x-hw
1693358482.dop007.ml1.t,1693358482.cds214.ml1.hn,1693358482.cds027.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
e73704bbd0941d669a4c0238d44584f3.jpg
static.bg3.co/imgs/202105/ 		0
0
7e38cbe0ad2a852a4403ab5f5decf0ad.jpg
static.bg3.co/imgs/202105/ 		0
0
d12f1ae3decd9b63913b5d85a608d348.jpg
static.bg3.co/imgs/202108/ 		0
0
68515ec66322ff7213d2211d7be9dd51.jpg
static.bg3.co/imgs/202106/ 		0
0
49d7ffcca0447ac2125f170263987b48.jpg
static.bg3.co/imgs/202105/ 		0
0
a9e722e59ec9295d0adc6fb39370dbd8.jpg
static.bg3.co/imgs/202105/ 		0
0
495555d2428b79a40e489efe7279a104.jpg
static.bg3.co/imgs/202105/ 		0
0
49e9ab5fce0e1d68f8fb499e437bd58c.jpg
static.bg3.co/imgs/202106/ 		0
0
fbc286c40f2c992a40b9eacd900893ff.jpg
static.bg3.co/imgs/202105/ 		0
0
57e1babb29e7c7c22dc438040685037e.jpg
static.bg3.co/imgs/202106/ 		0
0
badb929ee14f74aca12d00e1ebdadaf9.jpg
static.bg3.co/imgs/202105/ 		0
0
54acf8d0ec7610a882f9553f3ee358a9.jpg
static.bg3.co/imgs/202106/ 		0
0
ed72987824d4430cf333bcbf42a08c31.jpg
static.bg3.co/imgs/202112/ 		0
0
135a6bd58cb07064f57b9a5b7423d6b7.jpg
static.bg3.co/imgs/202105/ 		0
0
793be6523e4df37e90bf12082c33c04c.jpg
static.bg3.co/imgs/202106/ 		0
0
65293796112165134ea2dcd7eec25e7f.jpg
static.bg3.co/imgs/202105/ 		0
0
4b1ce36f07751feb3758c2736a32d890.jpg
static.bg3.co/imgs/202105/ 		0
0
153703999b11e267d01582983f204f06.jpg
static.bg3.co/imgs/202105/ 		0
0
7f117596244adecc7ac888ca2b61b4fb.jpg
static.bg3.co/imgs/202105/ 		0
0
5c7508a407c9df38a591d275ae4ecbb5.jpg
static.bg3.co/imgs/202106/ 		0
0
3b76f7d361fa6e0dece059401253afc3.jpg
static.bg3.co/imgs/202105/ 		0
0
8afa8d492b2c82dabb9c725826a18793.jpg
static.bg3.co/imgs/202105/ 		0
0
8eb5d70bd28e828e550542e779e6d848.jpg
static.bg3.co/imgs/202106/ 		0
0
71be8f26ba7c1022de3d9e1392998570.jpg
static.bg3.co/imgs/202106/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308112021001/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308112021001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
050ec4d92c5b1d288dca8a55a237020fd146e01868b332e0b0e9daa490d79868
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 27 Aug 2023 10:35:59 GMT
age
225923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2981
x-xss-protection
0
server
sffe
etag
"e2313e89a5a42311"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 26 Aug 2024 10:35:59 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308112021001/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308112021001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9898e809ba2721b9a31b38b166d74df665f29b60c3641a0040c364ff1ff42d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:47:34 GMT
age
30828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23196
x-xss-protection
0
server
sffe
etag
"fe0683e7c09dadfa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:47:34 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
878 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f379674203c48a06c17732d28a1ee3870aebfae6a68f096403398f99c471ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1693358482.dop007.ml1.t,1693358482.cds214.ml1.hn,1693358482.cds219.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308112021001/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308112021001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61bd61275d0bcb32c94307af4841ef25ed29edd6b3c01928c6d4f3e72023edd1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 27 Aug 2023 01:31:36 GMT
age
258586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3937
x-xss-protection
0
server
sffe
etag
"2b86e8be3366a913"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 26 Aug 2024 01:31:36 GMT
block.jpg
delivery.adrecover.com/ 		631 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1693358482227
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 30 Aug 2023 01:21:22 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Wed, 30 Aug 2023 02:21:22 GMT
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693358482266_389027484_589562887_95_1502_19_0_146";dur=1
content-length
122286
expires
Thu, 29 Aug 2024 01:21:22 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693358482306_389027484_589562889_53_1473_19_40_146";dur=1
accept-ranges
bytes
content-length
317
expires
Thu, 29 Aug 2024 01:21:22 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1693358482306_389027484_589562888_317_1479_19_0_146";dur=1
content-length
18371
expires
Wed, 30 Aug 2023 02:21:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6251e9bd2e967619021c1ed8322c6073d535572bd095f00a7b42871ba8f3dd2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29258
x-xss-protection
0
server
cafe
etag
169 / 19599 / 31077463 / config-hash: 3287751012361123362
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:22 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTMzNTg0ODIyNzIsInBhY2tldElkIjoiMDAwMEE3MDEtMzZiYjljMzAtN2VjZC00ZTJlLThjYzYtOTFjNzMxMDRjMTY4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poYS1qaS1oYW8teGlhbmcteGlhby1qaWUtamllLWppYW4tYmFuZy1jaHUteGlhbi1kYS1uaXUtdG91LWxhLWNoZS1zaG91LWJpLWdlaS13by1jaGktbGEuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2494.7999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTMzNTg0ODIzOTQsInBhY2tldElkIjoiMDAwMEE3MDEtMzZiYjljMzAtN2VjZC00ZTJlLThjYzYtOTFjNzMxMDRjMTY4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poYS1qaS1oYW8teGlhbmcteGlhby1qaWUtamllLWppYW4tYmFuZy1jaHUteGlhbi1kYS1uaXUtdG91LWxhLWNoZS1zaG91LWJpLWdlaS13by1jaGktbGEuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2616.2999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTMzNTg0ODIzOTksInBhY2tldElkIjoiMDAwMEE3MDEtMzZiYjljMzAtN2VjZC00ZTJlLThjYzYtOTFjNzMxMDRjMTY4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poYS1qaS1oYW8teGlhbmcteGlhby1qaWUtamllLWppYW4tYmFuZy1jaHUteGlhbi1kYS1uaXUtdG91LWxhLWNoZS1zaG91LWJpLWdlaS13by1jaGktbGEuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2621.7999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTMzNTg0ODI0MDEsInBhY2tldElkIjoiMDAwMEE3MDEtMzZiYjljMzAtN2VjZC00ZTJlLThjYzYtOTFjNzMxMDRjMTY4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poYS1qaS1oYW8teGlhbmcteGlhby1qaWUtamllLWppYW4tYmFuZy1jaHUteGlhbi1kYS1uaXUtdG91LWxhLWNoZS1zaG91LWJpLWdlaS13by1jaGktbGEuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2623.3999977111816
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308112021001/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308112021001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8981d56ad12440e4a887c1eadd162989de82309192f65090e0caeb6a536d0bd6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:47:37 GMT
age
30825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10332
x-xss-protection
0
server
sffe
etag
"357fb2387498ae63"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:47:37 GMT
impl.20230828-5-RELEASE.js
cdn.taboola.com/libtrc/ 		803 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230828-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0baa94216c66d3a4bdc270836e0a2f467deb4c429100b83a16fce4100a67cac3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7kMkvLkfiPZ2Gh6IM_0ldQg90Xoqj_R1
content-encoding
br
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:22 GMT
x-amz-request-id
RS3EJH1BF7JN604P
age
27809
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
169947
x-amz-id-2
S6ueCFcfsvX3ACzr98hQ+ZR1eBguNK/FHB1P4BjI7XX2ShAvzCEo1kMqo1d2XDLgdxUHbjTcIl0=
x-served-by
cache-mxp6936-MXP
last-modified
Mon, 28 Aug 2023 09:37:53 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358482.451749,VS0,VE0
etag
"a7316518cdc4e16de601cf88e1e68fed"
vary
Accept-Encoding
content-type
application/javascript
abp
77
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1883
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTMzNTg0ODIzOTQsInBhY2tldElkIjoiMDAwMEE3MDEtMzZiYjljMzAtN2VjZC00ZTJlLThjYzYtOTFjNzMxMDRjMTY4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poYS1qaS1oYW8teGlhbmcteGlhby1qaWUtamllLWppYW4tYmFuZy1jaHUteGlhbi1kYS1uaXUtdG91LWxhLWNoZS1zaG91LWJpLWdlaS13by1jaGktbGEuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2667.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308112021001/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308112021001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b21494e0b9fbdb189c3d293c079eb568bb7a99a49e7d054e2990ff169624772
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:49:13 GMT
age
30729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57632
x-xss-protection
0
server
sffe
etag
"8aea9812c9790f25"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:49:13 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 06 Sep 2023 01:21:22 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 11:39:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
49332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 28 Aug 2024 11:39:10 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230830
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32eae5ac37a6fa422532679db09a5ba09e1fb0559d191208ff1babbc1be1fe7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33633
x-jsd-version
1.0.1797
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63d-y0xnGXM1F02SZhtv2ffvvco9+hE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJnpXP1CiMAyQK3%2B8G9nBYRR9yEF9kldzBlfk80LdvDi3EN3ldvHXfJLl%2FGe85%2FKuAria3zAbizLY6lA8rHSvZxz65tRv34M97ziRb8J096IwCXUag7f%2FA%2FHaDPMK8%2BqRJoUD1QrsNYWwJP8Gec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7fe93773ea680221-ZRH
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
8e0e19cf4bf43e2040f26aeca0429588bd564bdf8821d12a6a7e6cc864c4dea1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=e5bcb92e-dfd8-454e-918d-b2c844e9c1c1%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E7%82%B8%E9%9B%9E%E5%A5%BD%E9%A6%99%EF%BC%81%E5%B0%8F%E5%A7%90%E5%A7%90%E8%82%A9%E8%86%80%E3%80%8C%E5%87%BA%E7%8F%BE%E5%A4%A7%E7%89%9B%E9%A0%AD%E3%80%8D%E6%8B%89%E6%89%AF%E6%89%8B%E8%87%82%EF%BC%9A%E7%B5%A6%E6%88%91%E5%90%83%E5%95%A6%EF%BD%9E&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=4ba21d2f-4f04-4064-907f-be81c7883dbb%3B870d2f68-9e15-4049-baa2-0534ed23ea77&l_pb_bid_id=274597a8f900b5%3B373908d566ca23&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4ba21d2f-4f04-4064-907f-be81c7883dbb%3B870d2f68-9e15-4049-baa2-0534ed23ea77&rp_maxbids=1&slots=2&rand=0.007081275820089328
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
daf952ebb111e4f545496f2bbc252741ad9c0c693b672e3eeb7da6ba8cbac8d0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		981 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3639
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
5
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4843bcd5884fc8c4b4409f5d349e687ef137349588fc07a20898fb9b457dc6d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 30 Aug 2023 01:21:22 GMT
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 30 Aug 2023 01:21:22 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41690e2aa8566f9729efe22abb783d94d0c4e6360230ae933941ade592d7d8e0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORvlOQn9dyU3GEIClxH%2FjXxqbPP8UVxbSoCpHJRmf4EqrPejKE%2B%2Fy8UxzUBKhProyulrrEMgEwQ%2Fg0o84%2FtE08YZDX5cQvgBky9KFBYI%2FkeOgElkMNFWHzZTCjb5JJHcRorcUQGH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7fe937744ee60208-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93334ab1ab8aaa5a11724a5fa0556d40013547bbb01599e2f93a2477aa7dd57b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUMOkiWdzcSQuznqa4MGO2FaCiZUzSjEipJhLz8uIdzcRbgaRI8T4zykXhGYRzpXe%2FveWrkR19Vc%2FmlOHy%2FU%2B1FjiP03V4%2FvvGFD7e7EOhSoRnsvVcF3qs%2FtEa4FnMav4NaOkzu5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7fe937744ee70208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93334ab1ab8aaa5a11724a5fa0556d40013547bbb01599e2f93a2477aa7dd57b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4THl9tt3S9Ahnzw8ulRytssLlRwGz2B2osxPf5vhGcKUYPI3mS145eXRGdGwHr79UM0D6cOJlNbO3mKj0lSiVOB%2F5ecydiKxGTjBjPL%2BX9s9DcfYZuQXYM%2B9ckQyF%2BqkPL3AIaNy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7fe937744ee80208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
/
prebid.smilewanted.com/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7fe9377449a359e9-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7fe9377459a459e9-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebidjs
rtb.openx.net/openrtbb/ 		53 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8428e18fa0e00de8dde69db31ec03ccafb44f23de1719ed3325dfa8f9119f42c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 30 Aug 2023 01:21:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 30 Aug 2023 01:21:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 30 Aug 2023 01:21:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.158.222.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-222-16.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
accept-ch
sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b630dc7f29bcf755454482ad7e11218535c81ae05d49e8685e3128954ba05848
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
an-x-request-uuid
50b47590-4e62-404d-81bc-cff1b26e3552
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		36 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.134.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-134-194.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c153ef1ab17e83308822fd27d553e82ea7d86c85b376b2ad1e79f4795e15343e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Aug 2023 01:21:22 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
16883
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=2025345726&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b3deb40e8e4a2b83ad534cfddcd4c643ba0d44f001978663e3da177f9e839477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
sync
gum.criteo.com/ 		46 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
255308
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		72 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=03%3A21%3A22.611&lti=deflated&data=%7B%22id%22%3A645%2C%22ii%22%3A%22%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693302574610%2C%22vi%22%3A1693358482607%2C%22cv%22%3A%2220230828-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html%22%2C%22vpi%22%3A%22%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3423%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1500%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
478738cc1c1845552076c7ddb6d9b34784346ceae016bba6a25a0fcf055137d7

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
324
date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
78318
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6936-MXP
x-log-content-encoding
gzip
server
nginx
x-timer
S1693358483.631804,VS0,VE324
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9319
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbd%2FQ5rpNYQthYR967F4NslBHsM2g07XrPaLQ1tMejEgGRqadb7iSFp2zPhjSy5RzHqgpZtNdwgFeDRUg8A66TDxXsVhU%2BhXGqDs%2FmT2b26oBDvVSuvzoEzi31%2BpXrmJywEn7gxx50Fj8XdlIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7fe9377468bdbb1f-MXP
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
cdac16ee46310e8e5144370376c57e2e301bd93edda818e5a1e8add93084111e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
cdac16ee46310e8e5144370376c57e2e301bd93edda818e5a1e8add93084111e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308112021001/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308112021001/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56054bf9cf09691ffd386eff93c6e0d6bb37f013169e654ad69452ca46ea04f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:47:31 GMT
age
30831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32117
x-xss-protection
0
server
sffe
etag
"c248cf79a55331c7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:47:31 GMT
nameframe.html
d-32056384452617586320.ampproject.net/2308112021001/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-32056384452617586320.ampproject.net/2308112021001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5568230783127044&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.05788638792472023&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:17:16 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
246
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
UVElSa2zl6hswe5sEHR8LbZjzsJQGlnJ3F144hEl-vtU8irt2MTzHA==
bg3.json
cdn.unibotscdn.com/clientdata/ 		19 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/bg3.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
0c19ceb9e644432030306134ea0de541336c4e1698356fab363bf803e2583990

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
cdn-edgestorageid
1078
cdn-storageserver
DE-677
cdn-cachedat
08/01/2023 11:49:47
cdn-pullzone
873945
last-modified
Tue, 01 Aug 2023 11:47:20 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
652
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
2541cc4a7b027deb876d55775683b91b
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d200:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
Date
Tue, 29 Aug 2023 05:08:18 GMT
Via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
72785
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
9MGvnEeG77LdLGJiaNk9KwZ96NKRQcVduyLLRN-bnvNZpilNLHl66g==
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
EVKQ68W9E9Y61EG0
age
1422
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7fe93775cdca0f5a-MXP
x-amz-id-2
u/tsBY4UCZ4S++kcOkbhuEIdaujaoeOiY83Db7UUSaNf4iRnPaKWTLZUHWLJzSncjAfo1zboxvE=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26253
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WiK8WA8n%2F%2FMKemIcUpu0sLnmZo9vJfykV2woJyd34CUI9MYDEF7Xa18ILU7uPPirHz0GNpaVLOPtCmUmLj%2FtxAMWNpssU2jnyoHcljLcaISgOSH8eWzKNHjg%2B%2BFoyhiggGRc5pAok62em2zY2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7fe937759ed601e7-ZRH
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 01:21:22 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 04:27:21 GMT
content-encoding
gzip
age
161641
x-guploader-uploadid
ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 27 Aug 2024 04:27:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		170 KB
49 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=667450605189739&correlator=1904423148718568&eid=31077256%2C31077463%2C20222283&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693358482784&lmt=1693351282&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1870201937.1693358483&ga_sid=1693358483&ga_hid=1500233466&ga_fc=false&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&dlt=1693358481941&idt=809&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_18_0_pv%26cluster_reporting%3Dchrome_DESKTOP_18_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv4_c%26faid%3Dfalse&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
300019961046bc99d7943010b6858e421085dc333b375ffc7014ca6f97bb9e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50429
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0941 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:22 GMT
expires
Thu, 29 Aug 2024 01:21:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl_page_level_ads.js?cb=31077463
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 11:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
49294
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13172
x-xss-protection
0
server
cafe
etag
7949494514302333357
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 28 Aug 2024 11:39:48 GMT
bg3.js
cdn.unibotscdn.com/clientdata/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-168
cdn-cachedat
08/26/2023 12:01:21
cdn-pullzone
873945
last-modified
Sat, 26 Aug 2023 12:00:46 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
660
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e9e96e-57f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
9610a434de3c3b7d829dbc8b13a9c455
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-588
cdn-cachedat
08/09/2023 17:49:28
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
251e44dc6f52829ce1359034c298f09d
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-164
cdn-cachedat
08/28/2023 14:43:30
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
40547f20e688a5de11c8ff29eee194bc
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-680
cdn-cachedat
08/29/2023 14:59:51
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
9f14074670b45631f525af09aca4bd2a
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.css
cdn.unibotscdn.com/clientdata/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/bg3.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cdn-edgestorageid
863
cdn-storageserver
DE-167
cdn-cachedat
08/09/2023 22:25:50
cdn-pullzone
873945
last-modified
Tue, 01 Aug 2023 11:45:19 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64c8f04f-534"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
f1410d9575006c49e230f2f4d13f3f8f
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cdn-edgestorageid
1054
cdn-storageserver
DE-662
cdn-cachedat
08/25/2023 08:14:47
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 08:08:48 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
647
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e86190-1b06"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
5debeafa9565e6282942e01eab63dabb
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad527d7ac9e5c62049e2d0186ab8a60a4a6d8527b78711a37be14a8bfc557d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125502
x-xss-protection
0
expires
Wed, 30 Aug 2023 01:21:22 GMT
pixel;r=469276187;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html;uh=e51ed67dfb8d91dc24b15e2a...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=469276187;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-569587477-1693358482724;pbc=e5bcb92e-dfd8-454e-918d-b2c844e9c1c1;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1693358482854;tzo=-120;ogl=;ses=f8e88d31-16b5-493f-be1b-cd963495d614;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012308112021001/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308112021001/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 25 Aug 2023 00:40:00 GMT
age
434482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"e15648e5e89a387e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 24 Aug 2024 00:40:00 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6719 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32949
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 29 Aug 2023 16:12:13 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqFCzLm8ktEy9GdmUsg3YmB%2Bm3iTU%2Fn%2FM4E4aYB4kNTOu2BZlpJsQ%2BdlDfs8W5%2FQpXGFvZDi79M4PYIuUtJqGFDYFJ7sbxe%2F3uzRhIGICwPt6y3x9Sw2u8EIm%2B7T1JB2c1N9efInleTSPKHYS9YNv5J3q%2FMgW7IXtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
7fe937764fc859cb-MXP
gtag.json
cdn.ampproject.org/rtv/012308112021001/v0/analytics-vendors/ 		3 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308112021001/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 27 Aug 2023 13:44:16 GMT
age
214626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"dfac254e180932fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 26 Aug 2024 13:44:16 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&rid=esp&cc=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
48af09fe4efdcacd6e1ca2f3e828ecb4caa2d86045157c93630381f093bd348c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-AY8Nn1G9HeVTGOXs86XfFoy6Xp0"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.bg3.co
location
/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
il95o8vjrn
www.clarity.ms/tag/ 		650 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/il95o8vjrn
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cd7bc03f1d054a94638043c1c84ebae5d33b3ed96660f55ca1d797850b6d1f0b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date
Wed, 30 Aug 2023 01:21:23 GMT
x-azure-ref
0kpnuZAAAAAA7qHF2QZcGTLudcgtMOeyMWlJIRURHRTEzMDYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
650
expires
-1
increment
id5-sync.com/api/esp/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 30 Aug 2023 01:21:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS96aGEtamktaGFvLXhpYW5nLXhpYW8tamllLWppZS1qaWFuLWJhbmctY2h1LXhpYW4tZGEtbml1LXRvdS1sYS1jaGUtc2hvdS1iaS1nZWktd28tY2hpLWxhLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0zNmJiOWMzMC03ZWNkLTRlMmUtOGNjNi05MWM3MzEwNGMxNjgiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMzkwMzhmNGUtMDBhOC00ZTgyLWI0NTYtMWRlNzYwY2Q5ZTBjIiwidGltZU9mQXVjdGlvbiI6MTY5MzM1ODQ4MjUyOCwiYmlkcyI6W3siY3BtIjowLjAzLCJhZElkIjoiNzUxN2Q5MTRjZDZkZjhlIiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjI1OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTMzNTg0ODI4MDd9LHsiY3BtIjowLjAzMTQ0MTUsImFkSWQiOiI4MzEzNGJjNDcyZmVjZjgiLCJvcmlnaW5hbENwbSI6MC4wMzY5ODk5OTk5OTk5OTk5OTUsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDAzMTQ0MTUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM2OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTMzNTg0ODI5MzJ9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiYWRsaXZldGVjaCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiODMxMzRiYzQ3MmZlY2Y4IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAzMTQ0MTV9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjM5MDM4ZjRlLTAwYTgtNGU4Mi1iNDU2LTFkZTc2MGNkOWUwYyIsInRpbWVPZkF1Y3Rpb24iOjE2OTMzNTg0ODI1MjgsImJpZHMiOlt7ImNwbSI6MC4wMywiYWRJZCI6Ijc2YzNmOTIwY2RlZTM2ZSIsIm9yaWdpbmFsQ3BtIjowLjAzLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoyNjEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzMzU4NDgyODA5fSx7ImNwbSI6MC4wMywiYWRJZCI6Ijc3NDM4Yjk1MmY1Nzk2MSIsIm9yaWdpbmFsQ3BtIjowLjAzLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoyNjEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzMzU4NDgyODA5fSx7ImNwbSI6MC4wMSwiYWRJZCI6Ijc4NmViNjY1ZGQ4OTIwMiIsIm9yaWdpbmFsQ3BtIjowLjAxLCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6Mjc2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5MzM1ODQ4MjgxMn0seyJjcG0iOjAuMDA5MTgwMDAwMDUxODU2MDQxLCJhZElkIjoiNzlkOGEyY2IwM2NiNWM4Iiwib3JpZ2luYWxDcG0iOjAuMDA5MTgwMDAwMDUxODU2MDQxLCJiaWRkZXIiOiJjcml0ZW8iLCJyZXZlbnVlIjowLjAwMDAwOTE4MDAwMDA1MTg1NjA0MiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzEwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5MzM1ODQ4Mjg3Nn0seyJjcG0iOjAuMDMwNjUxLCJhZElkIjoiODAzZTM1ODdhMmNjMmUxIiwib3JpZ2luYWxDcG0iOjAuMDMwNjUxLCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDMwNjUxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozMzMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzMzU4NDgyODkzfSx7ImNwbSI6MC4wMzE0NDE1LCJhZElkIjoiODIzYWQ3MWJiMzczMDRiIiwib3JpZ2luYWxDcG0iOjAuMDM2OTg5OTk5OTk5OTk5OTk1LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMzE0NDE1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNjgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzMzU4NDgyOTMxfV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFkbGl2ZXRlY2giLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6IjgyM2FkNzFiYjM3MzA0YiIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMzE0NDE1fV0sImNvdW50cnkiOiJDSCJ9&c_b=3159.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
syncframe
gum.criteo.com/ Frame 7D07 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:22 GMT
server
Kestrel
server-processing-duration-in-ticks
217608
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=667450605189739&correlator=2242596131201874&eid=31077256%2C31077463%2C20222283&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693358482973&lmt=1693351282&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=1870201937.1693358483&ga_sid=1693358483&ga_hid=1500233466&ga_fc=false&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&dlt=1693358481941&idt=809&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_18_0%26cluster_reporting%3Dchrome_DESKTOP_18_1_active_0%26misc%3Drefresh_experiment_pv%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D823ad71bb37304b%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_18_0%26cluster_reporting%3Dchrome_DESKTOP_18_1_active_0%26misc%3Drefresh_experiment%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D83134bc472fecf8%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv4_c%26faid%3Dfalse&adks=1420297610%2C2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dc8229552305055d78a81e3ce6c064d42766f69e9655a4b9c018910e0c8b9d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16575
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 7D07
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=SxKA_nx2RXc4RVBOMkFJMXlpekJwY1l1U0traG5qeVBRVS9wZGMyOXhXMGVDYUJuZzZ2TmtiazJpTk1sZVorSE95L3gvNUhhalYwMWtENlMrZFZTWFIxTVVkbUI0dy9QMGZBc2drazR1cXR1Qmp2YjNCcUZ3UE5SME9nMW...
433 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=SxKA_nx2RXc4RVBOMkFJMXlpekJwY1l1U0traG5qeVBRVS9wZGMyOXhXMGVDYUJuZzZ2TmtiazJpTk1sZVorSE95L3gvNUhhalYwMWtENlMrZFZTWFIxTVVkbUI0dy9QMGZBc2drazR1cXR1Qmp2YjNCcUZ3UE5SME9nMWppcmYrTnhlQ1pXNW12a3hBZzRyYXA5QnJ3NWRUUCs0TlpWN05FNVlZQXlEYUZpdThWM05KMXJmcjdlOWp0Ulo1Rk5yMDlzVjNTNFVSV2R2ME9WdElVNTNpNnZyQlBDTU1zeGl1QmNwSFVVejFaQWlDdkJNTXpsYUk3WVc3a2pDZ1JVSlp1cjRhV2pKd2dNaTlrY1ZDZVM0UWVxTVN6dz09fA&cppv=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2b07978825469958bbbfb05b0a5f8380b29f43751340910278d0e85645e8d413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1194301
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=SxKA_nx2RXc4RVBOMkFJMXlpekJwY1l1U0traG5qeVBRVS9wZGMyOXhXMGVDYUJuZzZ2TmtiazJpTk1sZVorSE95L3gvNUhhalYwMWtENlMrZFZTWFIxTVVkbUI0dy9QMGZBc2drazR1cXR1Qmp2YjNCcUZ3UE5SME9nMWppcmYrTnhlQ1pXNW12a3hBZzRyYXA5QnJ3NWRUUCs0TlpWN05FNVlZQXlEYUZpdThWM05KMXJmcjdlOWp0Ulo1Rk5yMDlzVjNTNFVSV2R2ME9WdElVNTNpNnZyQlBDTU1zeGl1QmNwSFVVejFaQWlDdkJNTXpsYUk3WVc3a2pDZ1JVSlp1cjRhV2pKd2dNaTlrY1ZDZVM0UWVxTVN6dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
320791
content-length
0
expires
0
floating-unit.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28e0d25399aa9272b6476a5ded5ac8ffc339c2021b68bc82a71b4468faa9b655

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KuNnUwQ6XChkRDQgJy0h6MTD6qyjx_fe
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
4RN5244RQ3WYVCF1
age
55861
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
jGbqvpvNRMELR85CcEc3cHtsjiV7gvYiPzhlspRdwrSW5qg3HHPBOJbUzZRNALvrkiV2mupDfUM=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:50:22 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.031138,VS0,VE0
etag
"6d008bd4af84bfc523ec6dba2aef1ccd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
24
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
491
taboola-vignette-new-scanning.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f79bc8fc815aa09865432dcda81b09731e3cfbde18eec06b31690af1360d3d9a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ludJTtKPoj7781a1qVct3k1MferzoiBM
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
C0KX8KWQWEFMKCJH
age
55772
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
nb5DoZmjIz35G6eawN09SdbfTdeS38M047U8xTRkDpwxMDyErEjqfqDIVHHaQeOwfUT4Sv5URaQ=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:51:50 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.031490,VS0,VE0
etag
"0c7128793cfdf06f51ad50947a829c08"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
404
distance-from-article.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a994af7c455a8262368f03cf539a57bc1fdfaa68c002a0ae84ddefc785066b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cPOMRqdv8.ITWZ9VFo.KYujQDijtv55U
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
KQBQVEDQK94W9M2M
age
55897
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
Z80q7tNaxubSFcHGwJmiAq5Xn0g+1k8baJzbNZPhKTw9jm7dDCj639y/MectmN9ogbTYbVTVbPk=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:49:46 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.046398,VS0,VE0
etag
"7c5ae10e9aa87cb497c72fdefc56c760"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
0
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6301
article-detection.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd1afa9a12375840ab6020dcac846aa98b4483f485c95d4f988459eeb7be4b41

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rcCt_p0sCoGfAKBlfItZUYoCQrTc88nu
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
EGD15DDEH68CY5CA
age
55913
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
i7+raM2C4cIp7a9CxSBE+AbBzcwIqTae5cSZbbws+vnMj0B2YBYe5KHzHlfAIUsZQBLrFK1Fp3Q=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:49:30 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.046698,VS0,VE0
etag
"643b99e0d1aa4351382bd605aa8e5b07"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
89
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6312
article-and-feed-area-scanner.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adb37f19277b0ba1c3ccdf15ea9a9bc80a61afacf3c5db2e4359cc0aafbd7d00

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GIlVCT_9XZjfDMiX.ADvdO0mSxYRdTyo
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
VB6YTACG8HGAWQMT
age
55914
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1148
x-amz-id-2
Bd8yxSgHdv9Quc1J5kj5SdFhu18g5vJ/GIxuLVKZS3SX8bHMzgevb4Dv4amkr/Ci/KX17E+LR0M=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:49:29 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.046683,VS0,VE0
etag
"593ae7cf4e87e05123bd0a5e52038c23"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
41
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2127
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.6/ 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e34222b88bb8dd60c1200d0422c58749ca77f9bd11f914adfa547112b594a0a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 f0503dd1ece22a88692fda1dd995e2e0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP53-P3
age
61065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35854
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 08:23:00 GMT
server
AmazonS3
x-timer
S1693358483.063574,VS0,VE0
etag
"f76b1e9d5dacd2063a335a6684ebb080"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
0je4IsVpkM-JZUj_GeJAYlX3dJXFgCB_fY-zFxAcZucbmdCsj2ky-w==
x-cache-hits
7241
feed-card-placeholder.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84ec45ebaad092128b2688507924ff0f15b1537392ddb8d7521a90928dd2660c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1IyGDyFMOtRkHHpQFDsC.581HfygwnvW
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
EM3PZ4QXPXAFPVA2
age
55880
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
bdFyJdphGsYO3nEyv4YBYz4G5gWdZw1CfZxwxaPXIluxgT+V4rKBERlNvk6rMOMZOkX6M5J60rA=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:50:01 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.050852,VS0,VE0
etag
"79bb3e40f94831d507c399fb39e51639"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6180
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
M69MRPPN7M4PBEQF
age
47
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
XNB8EIik98c2zNN/pIgwT7tTCujVZFxUJ9ih2e4ba3+c8yTHb0dWN9umfTF4hbpslUQ3EHDYxLs=
x-served-by
cache-mxp6936-MXP
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.053805,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
50
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
8
userx.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
373fc6175258e52c18ccb9668048ea2dd607192fd3eba02eab05b2ecb8725291

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vNWxrT4VgJ9UHA1yYGQkko1RmI.5dNlM
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
300MPPP8469FWBM4
age
55768
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
xb6qSBymTZy0vXC+44NWBTFglp3ktl+eHTaoKCtT16FdxI/c4cSQMAjh48lkIfqEzyUA5F85u70=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:51:55 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.056318,VS0,VE0
etag
"a762b23b47cb4b1304b1b5ba3160e737"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1249
explore-more.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16466ab14fa67cadb9fe1240eb6d3ee8c287a0ddcf4c2cf81eb77ba4bc9ebcf7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jan6A7MX2J5Sc4vdXuwbq1XAzSU5wcV.
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
XNABWXWJ3H7ZVY53
age
55891
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8803
x-amz-id-2
1PVxd27mHmjV18bUyVwUTL1tmIIaDCFbBte8Hu5WT4GCPrvKyJRhjV+f/TCzp02l7Mk/EcicR7I=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:49:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.069676,VS0,VE0
etag
"db3074c3884b7bd82457f31e53af8051"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
51
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3450
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=03%3A21%3A23.024&id=4384&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1693358483024%7D&tim=03%3A21%3A23.024&id=2294&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693358483033%7D&tim=03%3A21%3A23.033&id=8192&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A21%3A23.063&id=8038&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A21%3A23.065&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=8418&cv=20230828-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
65072
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A21%3A23.066&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6022&cv=20230828-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
65072
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A21%3A23.073&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=3585&cv=20230828-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
65072
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A21%3A23.074&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=512&cv=20230828-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
65072
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A21%3A23.080&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6244&cv=20230828-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
65127
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 99F3 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d967862f671a258bd80640477fb8ab23f9a610621c2d754b7d17847a338a47f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7893
x-xss-protection
0
server
cafe
etag
8963620386059079872
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6B04 		714 B
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
8654
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7fe937777c220e15-MXP
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 01:21:23 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POjqRTDyLsuCtgKiAsWJP5ZRzquy6HbeEpkZCOcfC56yHMmVHAHtwBMZQRUBnzQAHIj3CuMoVqu7IDcSjA7iiSu25P5FQ6IM%2FzlWeJW1hvWsAntzlvv4GwqCm%2FVvIYT%2F8%2FfGWvYR0yHXWEAf7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 044F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 01:21:23 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 30 Aug 2023 01:21:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Wed, 30 Aug 2023 01:21:23 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 6760 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74d841997c9b80beeb2bb14186ea9cd4c6e45fc6df8a6b362c104834a1360863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7895
x-xss-protection
0
server
cafe
etag
8510608135991850503
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame A4E0 		714 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
8654
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7fe937778c290e15-MXP
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 01:21:23 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60ySTGVoEs4eeXTzXor8xrDE8NOLIHLVmAL0oEZ1tGXHf%2BePjFVEstRtNx82wfYmphG5mR62YBgTQrj%2BziL9a%2B2pgePQOT0EIBDOfYMfJtQf0TcB%2B9KpKXDwzRg8J%2B1nEhR92yQ8%2BK%2BoLC8qRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7A93
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 01:21:23 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 30 Aug 2023 01:21:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_705%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_705%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5cb07d0ac8b04c4362804696766eb2445aeed711c9040c49a1b16b75504c32b7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_705%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
2813534
edge-cache-tag
356686445197087509435470419559440289029,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
373
expiration
expiry-date="Fri, 11 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cyclismactu.net/
content-length
107214
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000028-IAD, cache-iad-kiad7000098-IAD, cache-lga21946-LGA, cache-iad-kiad7000101-IAD, cache-mxp6936-MXP
last-modified
Tue, 11 Jul 2023 03:38:46 GMT
server
nginx
x-timer
S1693358483.143569,VS0,VE2
etag
"e00df394c71531c4b5ea0c7f18e73922"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 2, 1
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a8a347e67412b43a5f7b1f5dd68e82101655949c78da94255ae1708e5ff38819

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
2372316
edge-cache-tag
356686445197087509435470419559440289029,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
402
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sport1.de/
content-length
83890
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200035-IAD, cache-iad-kjyo7100036-IAD, cache-sna10739-LGB, cache-iad-kcgs7200070-IAD, cache-mxp6936-MXP
last-modified
Mon, 10 Jul 2023 10:04:45 GMT
server
nginx
x-timer
S1693358483.143274,VS0,VE0
etag
"81f305b7f9c27554fb01203c3e1001ff"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 19, 2
3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7287a28fd3a5686be6cdfcbeedf17e03cbcd2c62ef5c28138d8f4f026c717e6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
age
3228760
edge-cache-tag
460077859501167843258512618898716504471,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
460077859501167843258512618898716504471,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
78
expiration
expiry-date="Fri, 28 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
15532
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100034-IAD, cache-iad-kcgs7200072-IAD, cache-lga21980-LGA, cache-iad-kjyo7100176-IAD, cache-mxp6936-MXP
last-modified
Tue, 27 Jun 2023 02:25:28 GMT
server
nginx
x-timer
S1693358483.143559,VS0,VE1
etag
"abfed88a498c1b8b80b8bfd4f1232e2d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 244, 1
e718385635596ec61917cc20a986ed73.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e718385635596ec61917cc20a986ed73.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e874f3357bdc2e91b37ad196d538c560ee68c4783d902fd8eaceb61fa8b292bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e718385635596ec61917cc20a986ed73.jpg
age
2810292
edge-cache-tag
509136067150149147444761147946419357428,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
509136067150149147444761147946419357428,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
89
req-referer
https://www.aerotelegraph.com/
content-length
15556
x-request-id
8715776153159a5b30d3e1860c52d9d2
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000091-IAD, cache-iad-kcgs7200094-IAD, cache-lax10680-LGB, cache-iad-kjyo7100089-IAD, cache-mxp6936-MXP
last-modified
Thu, 27 Jul 2023 19:49:10 GMT
server
nginx
x-timer
S1693358483.168757,VS0,VE0
etag
"72bdc99e269265bd1aa8b7e3313f0516"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 9, 3
nYim6X6SYHYMpRj.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4f683c39724b4b24cce251d1653b70c002760f120aa7655bf2e067d0d6d874a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
age
2966777
edge-cache-tag
338166782886888119765135496302646930728,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
338166782886888119765135496302646930728,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
850
expiration
expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://goodtoknowthis.com/
content-length
17080
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200040-IAD, cache-iad-kiad7000170-IAD, cache-sna10721-LGB, cache-iad-kcgs7200025-IAD, cache-mxp6936-MXP
last-modified
Sun, 16 Jul 2023 07:28:46 GMT
server
nginx
x-timer
S1693358483.172235,VS0,VE1
etag
"e6dfa0dca774079dc7577154b334ca81"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 243, 1
aban1.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/jv48DMz/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/jv48DMz/aban1.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
43d46ca8ec37f3df134d8374fe75a94d8eed05f56a09c94ce4fbf81e425f18a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/jv48DMz/aban1.gif
age
2400905
edge-cache-tag
369131431458741576796747560766529093586,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
369131431458741576796747560766529093586,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT
expiration
expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
20035
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kjyo7100104-IAD, cache-iad-kjyo7100104-IAD, cache-mxp6936-MXP
last-modified
Thu, 13 Jul 2023 01:05:44 GMT
server
cloudinary
x-timer
S1693358483.180076,VS0,VE1
etag
"6e3934b7838a823c8e41fa329c91e1dc"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 783, 1
360fd688aa592cb149ed24e1841d2d15.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/360fd688aa592cb149ed24e1841d2d15.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
302be377185f1d9c660dad950516501936a7910aa304bcfe5b685fcda6f02dec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/360fd688aa592cb149ed24e1841d2d15.jpg
age
2146434
edge-cache-tag
467034397575831769978129637040287281398,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
467034397575831769978129637040287281398,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
310
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
30874
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100127-IAD, cache-iad-kjyo7100065-IAD, cache-sna10737-LGB, cache-iad-kiad7000169-IAD, cache-mxp6936-MXP
last-modified
Sat, 15 Jul 2023 04:37:36 GMT
server
nginx
x-timer
S1693358483.195436,VS0,VE2
etag
"925064ec83d3f1f82adfb23b7f19243e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 39, 1
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
3669331
edge-cache-tag
356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
247
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.morgenpost.de/
content-length
94302
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100133-IAD, cache-iad-kjyo7100128-IAD, cache-sna10739-LGB, cache-iad-kjyo7100132-IAD, cache-mxp6936-MXP
last-modified
Mon, 10 Jul 2023 08:47:15 GMT
server
nginx
x-timer
S1693358483.196816,VS0,VE1
etag
"78af0e2d92f1d0853f93e08bf0474e82"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 25, 1
nYim6X6SYHYMpRj.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f850aeb66ebd071a936f2a879916d67c6d18275de85f414f5489249c89dee244

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
age
4362012
edge-cache-tag
338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
740
expiration
expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ouest-france.fr/
content-length
19382
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000136-IAD, cache-iad-kiad7000054-IAD, cache-lax10643-LGB, cache-iad-kiad7000170-IAD, cache-mxp6936-MXP
last-modified
Mon, 12 Jun 2023 02:58:39 GMT
server
nginx
x-timer
S1693358483.200842,VS0,VE1
etag
"0adc8ec46c2767904c6ee865def1f1ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3, 1, 67, 1
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=1778&cid=amp-K7TurNvsnEUkvxtHg09MBQ&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dr=&dt=%E7%82%B8%E9%9B%9E%E5%A5%BD%E9%A6%99%EF%BC%81%E5%B0%8F%E5%A7%90%E5%A7%90%E8%82%A9%E8%86%80%E3%80%8C%E5%87%BA%E7%8F%BE%E5%A4%A7%E7%89%9B%E9%A0%AD%E3%80%8D%E3%80%80%E6%8B%89%E6%89%AF%E6%89%8B%E8%87%82%EF%BC%9A%E7%B5%A6%E6%88%91%E5%90%83%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1693358483&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308112021001/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
407649409da84d21705ad1e3a847c527e7a76f0cb3086f5c65cfc9b4e8326755

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
age
585520
edge-cache-tag
460077859501167843258512618898716504471,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
460077859501167843258512618898716504471,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
204
req-referer
https://www.t-online.de/
content-length
49798
x-request-id
38bafd99e2be0aab75ebd2b7191ea7a9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100105-IAD, cache-iad-kjyo7100074-IAD, cache-iad-kjyo7100087-IAD, cache-mxp6936-MXP
last-modified
Tue, 22 Aug 2023 02:34:33 GMT
server
nginx
x-timer
S1693358483.216752,VS0,VE2
etag
"168beee3ca9ad9ff7835bab9ad49234c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 14, 1
e718385635596ec61917cc20a986ed73.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e718385635596ec61917cc20a986ed73.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
206a5816dd0a975ad8ca8307a017de9757f4d5e4eb039c26d47c3390e7cc845c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e718385635596ec61917cc20a986ed73.jpg
age
2810292
edge-cache-tag
509136067150149147444761147946419357428,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
509136067150149147444761147946419357428,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
362
req-referer
https://www.abendblatt.de/
content-length
47982
x-request-id
8715776153159a5b30d3e1860c52d9d2
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000091-IAD, cache-iad-kcgs7200094-IAD, cache-lax10624-LGB, cache-iad-kcgs7200177-IAD, cache-mxp6936-MXP
last-modified
Thu, 27 Jul 2023 19:49:10 GMT
server
nginx
x-timer
S1693358483.222600,VS0,VE2
etag
"72bdc99e269265bd1aa8b7e3313f0516"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 13, 1
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-K7TurNvsnEUkvxtHg09MBQ&aip=1&sid=1693358483&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308112021001/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		524 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
cdn-edgestorageid
860
cdn-storageserver
DE-570
cdn-cachedat
07/06/2023 22:30:42
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:19 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
340
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf623-830a3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
40035df6757a60d292c7ff3f9fe8fee2
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6B04 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02070959aebb82ec9bd95b483fc69fc16e248a67fe816cc43b0f421e54ddc67b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28888
x-xss-protection
0
server
cafe
etag
648 / 19599 / m202308240101 / config-hash: 3287751012361123362
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A4E0 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa28b23382b0ab28224b8c0e4cb4ad7d1c15a6f2b9bc7208fa2b88329490cc56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28888
x-xss-protection
0
server
cafe
etag
483 / 19599 / m202308240101 / config-hash: 3287751012361123362
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
next-up-widget.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd3e225ea76235815b19dd73a043acc97dba688120c55a2685befa000db7c5d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VytyIxCWgML33sygLoY_HIq1FqE7GQyz
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
PE20Z3CPHVF0YDFC
age
55820
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
UxlCw7ZiLaw4RagTopvyEqWrclOHtxplzvKTDMPj4EHpnAp5FGzdmN60BJz6CyYhqmVod/FX3lc=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:51:03 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.178210,VS0,VE0
etag
"e6621899cb5d900fc0f0009da347819d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
91
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
464
clarity.js
www.clarity.ms/s/0.7.10/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/il95o8vjrn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 20:30:54 GMT
x-azure-ref-originshield
0O77tZAAAAABrlWi9SfSpQ7i1Zbo9NsEIRlJBMjMxMDUwNDE3MDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DBA805ADEDAF89"
x-azure-ref
0k5nuZAAAAAD8jRnRkFqYRK91hSB8xhCDWlJIRURHRTEzMDYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
33c05150-c01e-003b-733b-da6b7f000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%82%B8%E9%9B%9E%E5%A5%BD%E9%A6%99%EF%BC%81%E5%B0%8F%E5%A7%90%E5%A7%90%E8%82%A9%E8%86%80%E3%80%8C%E5%87%BA%E7%8F%BE%E5%A4%A7%E7%89%9B%E9%A0%AD%E3%80%8D%E3%80%80%E6%8B%89%E6%89%AF%E6%89%8B%E8%87%82%EF%BC%9A%E7%B5%A6%E6%88%91%E5%90%83%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-K7TurNvsnEUkvxtHg09MBQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.12506068059362518&gjid=0.3121526993386654&_r=1&a=1778&z=0.4649713155280082&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22344.140625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A21%3A23.211&id=1166&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1273%7D%22%2C%22eventTime%22%3A1693358483213%7D&tim=03%3A21%3A23.213&id=826&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A21%3A23.223&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2079&cv=20230828-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
65127
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 01:06:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 01:21:23 GMT
spa-detector.20230828-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230828-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6888f02ec97560c38be7cf4dc7d037692f7368eb81f10dd3c337cbed1f8abe1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LkruSCTsut5FDNUFL9bDNs5EmO4VsAxS
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:23 GMT
x-amz-request-id
ARWG5HGAQHCDVCZY
age
55806
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
810
x-amz-id-2
g4CbPa9WSDpqG5bbeptZmwiAzRxDd1EyQN4ETAnRDGhvPv5be0qzE32F5fHyHQM/8er1TIzn0xg=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 29 Aug 2023 09:51:18 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358483.243970,VS0,VE0
etag
"822b69eb7a848d2e882f71ea4da28429"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
26
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3431
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A21%3A23.224&id=6966&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1693358483232%7D&tim=03%3A21%3A23.233&id=570&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A21%3A23.234&id=4031&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=18de33bc42e1b53b405792fdf227d090&sd=v2_f15575f9f34cae369be78b0b94cead83_b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12_1693358482_1693358482_CNawjgYQ2YJdGK_Jn6CkMSABKAEwKziy0A1At4gQSKHb3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&pi=/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&wi=2969251236148102464&pt=text&vi=1693358482607&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1693358483237%7D&tim=03%3A21%3A23.237&id=7771&llvl=2&cv=20230828-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6760 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75b3229ffe863066348df0918d08c5ab7fcd53ddf404364fa7e4797e3567beaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50977
x-xss-protection
0
server
cafe
etag
12741377883350249823
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 99F3 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7bc527ca07cb1ab3bdb0395695c880df4fb0ed21e3b8d4ea5e728f37ffd826f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50981
x-xss-protection
0
server
cafe
etag
9484244211349616339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
08/09/2023 21:21:30
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
53516168a7a29b28261b3adbb7a276d6
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-165
cdn-cachedat
07/07/2023 01:07:44
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
62395c8fe266f9e49372c9895db351fb
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-164
cdn-cachedat
08/28/2023 19:09:21
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
312398ac70b5a0c77bab00edabfcb066
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-167
cdn-cachedat
08/29/2023 17:57:29
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
b26d1a51a00ff3b6e9ee6890153c87c1
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
container.html
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1BCD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:22 GMT
expires
Thu, 29 Aug 2024 01:21:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 7A93 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
19ca7fd01ac3b9345ac5d2d90e34cea22ddf2d5d8756ba3b054d96726db22405

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 15:52:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52228
Connection
keep-alive
Content-Length
10117
Expires
Wed, 30 Aug 2023 15:51:51 GMT
usync.js
eus.rubiconproject.com/ Frame 044F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
19ca7fd01ac3b9345ac5d2d90e34cea22ddf2d5d8756ba3b054d96726db22405

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 15:52:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52228
Connection
keep-alive
Content-Length
10117
Expires
Wed, 30 Aug 2023 15:51:51 GMT
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
96
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
995102
edge-cache-tag
356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
79
req-referer
http://geekhebdo.com/
content-length
8250
x-request-id
a9345f3c6a017abfd5fd26145d40a354
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200023-IAD, cache-iad-kiad7000082-IAD, cache-iad-kiad7000124-IAD, cache-mxp6936-MXP
last-modified
Thu, 10 Aug 2023 11:47:17 GMT
server
nginx
x-timer
S1693358483.493222,VS0,VE96
etag
"0f290e0e1bf2b6824ad4b0ee1e205321"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0
nYim6X6SYHYMpRj.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3c68d30d67b390ef28821b0aa91eade8f6d3c00e84ee0c9b7b77853a56ccb29

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
age
755130
edge-cache-tag
338166782886888119765135496302646930728,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
338166782886888119765135496302646930728,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
173
expiration
expiry-date="Thu, 31 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.larousse.fr/
content-length
4550
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000089-IAD, cache-iad-kiad7000094-IAD, cache-iad-kjyo7100021-IAD, cache-mxp6936-MXP
last-modified
Mon, 31 Jul 2023 11:21:41 GMT
server
nginx
x-timer
S1693358483.493617,VS0,VE1
etag
"452a0ae1d1d2333e65cc2fbc6fbc5c4d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 16, 1
3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc43b92cd0ed6495cde2ac0f17ee1c4ac5980993148104c083a0c675f917b803

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b7ee591e7a9bb09e43ac8ab4422aee1.jpg
age
588453
edge-cache-tag
460077859501167843258512618898716504471,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
460077859501167843258512618898716504471,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
172
expiration
expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.bbv-net.de/
content-length
5778
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200076-IAD, cache-iad-kjyo7100138-IAD, cache-sna10737-LGB, cache-iad-kcgs7200140-IAD, cache-mxp6936-MXP
last-modified
Tue, 25 Jul 2023 20:25:43 GMT
server
nginx
x-timer
S1693358483.493599,VS0,VE1
etag
"d80230bc0d2f1157ce7ea0d6d2e2df6e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ Frame 6B04 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
12830
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 28 Aug 2024 21:47:33 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ Frame A4E0 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
12830
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 28 Aug 2024 21:47:33 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 6F5A 		572 B
803 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b3014a9fffbca04bb66d7db1b8c05487a8fd446d8fb53a7006af1267226756e7

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
377
content-type
text/html
date
Wed, 30 Aug 2023 01:21:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:5b57:3cdc:ce57:409f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvemhhLWppLWhhby14aWFuZy14aWFvLWppZS1qaWUtamlhbi1iYW5nLWNodS14aWFuLWRhLW5pdS10b3UtbGEtY2hlLXNob3UtYmktZ2VpLXdvLWNoaS1sYS5odG1s.json
cdn.adpushup.com/42753/ 		555 B
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvemhhLWppLWhhby14aWFuZy14aWFvLWppZS1qaWUtamlhbi1iYW5nLWNodS14aWFuLWRhLW5pdS10b3UtbGEtY2hlLXNob3UtYmktZ2VpLXdvLWNoaS1sYS5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 30 Aug 2023 01:21:23 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=371, ak_p; desc="1693358483557_389027484_589563049_37583_1304_19_0_219";dur=1
content-length
555
expires
Wed, 30 Aug 2023 02:21:23 GMT
st
imprammp.taboola.com/ Frame 5C4F 		422 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&cmcv=&pix=undefined&cb=1693358483555&uv=3322&tms=1693358483555&abt=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b148de1-b485-42e3-b149-9de81b4266df&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b769884fff3870e1bccafb97eba48f6583d7c130ec44b84d5dbb04ecdf39e96c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 30 Aug 2023 01:21:23 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6936-MXP
x-timer
S1693358484.583163,VS0,VE27
sync
am-match.taboola.com/ Frame 42B9 		439 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4b673474d7fe2ad7a98b5617fb084c233ca9940c11333a138cf1eec90d71a0e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 30 Aug 2023 01:21:23 GMT
machineid
3408
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693358483560&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1544&pt=305944892&tz=120&viewable=true&ddast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ec83228c18242e357a1d0e39f6549c72b03473f5d293650019ee95628cb542f3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1446
x-cache
MISS
x-served-by
cache-mxp6936-MXP
pragma
no-cache
server
nginx
x-timer
S1693358484.585734,VS0,VE51
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://vast.aniview.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&cmcv=&pix=31589837&cb=1693358483554&uv=3322&tms=1693358483554&abt=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693358479778.4!ts:1693358483554&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-length
0
server
nginx
css2
fonts.googleapis.com/ Frame 1BCD 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 00:34:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 01:21:23 GMT
css
fonts.googleapis.com/ Frame 1A85 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 00:27:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 01:21:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 1A85 		2 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 1A85 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 67F8 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
3460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 00:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 1A85 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
12919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 21:46:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 1A85 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A85 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 1A85 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 00:31:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 01:09:15 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 1BCD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
41115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8570
x-xss-protection
0
server
cafe
etag
11167480076894372452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:08 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1BCD 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 19:41:38 GMT
x-content-type-options
nosniff
age
106785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 27 Aug 2024 19:41:38 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1BCD 		604 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:38:06 GMT
x-content-type-options
nosniff
age
27797
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 28 Aug 2024 17:38:06 GMT
container.html
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3E7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:22 GMT
expires
Thu, 29 Aug 2024 01:21:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4467 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js?cb=31077463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:22 GMT
expires
Thu, 29 Aug 2024 01:21:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:5b57:3cdc:ce57:409f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame B99E 		267 B
549 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNU2j9WDm-kx0Vb4tdO1g_n3zOSmfUU4KKt4EGOiiqd67if5OnFzC6yB2P5M4Xk8VezZbJHCdJUuS8cXxDx2EhPyy5zU8g
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:23 GMT
expires
Wed, 30 Aug 2023 01:21:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4728 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
r62eglto.js
ad4m.at/ Frame 4728 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
31854
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcEH1agQKz2uymm%2BvInz3UqQ6aPnnZTqEkMNUIPaAmKOj9qmjjivFt8F2llA7qmv9pMCyxtuZR7GZ76TtCmxUWWKNzlqg4%2F%2B1%2FRE7xZqFlBQkfYN0MKISvz644ThtaoI%2F%2BrC0Rw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7fe9377b0e440dc5-MXP
alt-svc
h3=":443"; ma=86400
expires
Tue, 29 Aug 2023 16:30:19 GMT
96099d72-207b-42c9-8d92-7559e213fa41
a5129.casalemedia.com/impression/v2/693656/85/cjn9j4nn8c89bja7rbqg/ Frame 4728 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5129.casalemedia.com/impression/v2/693656/85/cjn9j4nn8c89bja7rbqg/96099d72-207b-42c9-8d92-7559e213fa41?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1693359082&profileIDs=&creativeID=18d3693&pubID=189372&format=banner&channel=site
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.43 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:23 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4728 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BqDrDbXOvw8IMGU4yewnwYeLlGY1LIJ8YHowU3ce1wTcqlWORypB1D6jgxsuJfK_cZRPTQZj9MPuGCOYMoQyq4yUuKURIX3C2JOaB8bE6AYA9K29k
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4728 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13092340190901111321&x=13&ct=77
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:5b57:3cdc:ce57:409f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS96aGEtamktaGFvLXhpYW5nLXhpYW8tamllLWppZS1qaWFuLWJhbmctY2h1LXhpYW4tZGEtbml1LXRvdS1sYS1jaGUtc2hvdS1iaS1nZWktd28tY2hpLWxhLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS0zNmJiOWMzMC03ZWNkLTRlMmUtOGNjNi05MWM3MzEwNGMxNjgiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJyZXNwb25zZVRpbWUiOjI2MSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiaXgiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5Nywid2lubmVyQWRVbml0SWQiOiI3NmMzZjkyMGNkZWUzNmUiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMDB4MjUwIiwicHJlYmlkQXVjdGlvbklkIjoiMzkwMzhmNGUtMDBhOC00ZTgyLWI0NTYtMWRlNzYwY2Q5ZTBjIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3851.3999977111816
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 7A93
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLX1X3HM-1Y-4NY6
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLX1X3HM-1Y-4NY6
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Wed, 30 Aug 2023 01:21:24 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ Frame 6760 		387 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1053753d7356e9886501d1310212c927381cd36d4f16f9ceabd23fce8fe9cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134169
x-xss-protection
0
server
cafe
etag
12179509795206130085
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame E288 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
26397
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 18:01:26 GMT
etag
9878862242593084568
expires
Tue, 12 Sep 2023 18:01:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
q.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Wed, 30 Aug 2023 01:21:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ Frame 99F3 		387 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e17d49680857b72d753d327c0df23eceb075b4b835461a155e64f4bc1bc4d0a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134169
x-xss-protection
0
server
cafe
etag
5953540755280694413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6F5A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7276866640929803979
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7276866640929803979
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7276866640929803979
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6F5A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=45f54819-9007-c2d3-14c9-38e7ccd8af96
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=45f54819-9007-c2d3-14c9-38e7ccd8af96&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=45f54819-9007-c2d3-14c9-38e7ccd8af96&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7JBDFTC0STVH6XJYM7CQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T7E7A2FR2TKR6AQ9GKWY
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=45f54819-9007-c2d3-14c9-38e7ccd8af96&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 6F5A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=1d233464-8cad-7929-d4c7-ba70a4eb6476&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6F5A 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzE0Y2U3YWUtNDVkYS0yNzhkLWMxMjctZTBjOTZlMDlhYTE2
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6F5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHf4o5mGRbu1Z4gHbGdiyUc&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHf4o5mGRbu1Z4gHbGdiyUc&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHf4o5mGRbu1Z4gHbGdiyUc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5C4F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&cmcv=&pix=undefined&cb=1693358483555&uv=3322&tms=1693358483555&abt=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b148de1-b485-42e3-b149-9de81b4266df&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5C4F 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&cmcv=&pix=undefined&cb=1693358483555&uv=3322&tms=1693358483555&abt=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b148de1-b485-42e3-b149-9de81b4266df&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:2dd:853d:91ea:688e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 5C4F 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&cmcv=&pix=undefined&cb=1693358483555&uv=3322&tms=1693358483555&abt=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1b148de1-b485-42e3-b149-9de81b4266df&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.109.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-109-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 42B9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 42B9 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:2dd:853d:91ea:688e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 42B9 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame B99E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEHHbe6zKuDNByYCWPPD3-j4&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEHHbe6zKuDNByYCWPPD3-j4&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=ae39be9ba178246f8eca2757e8d4fe6f&uid=ae39be9ba178246f8eca2757e8d4f...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNU2j9WDm-kx0Vb4tdO1g_n3zOSmfUU4KKt4EGOiiqd67if5OnFzC6yB2P5M4Xk8VezZbJHCdJUuS8cXxDx2EhPyy5zU8g
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:24 GMT
Last-Modified
Wed, 30 Aug 2023 01:21:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B99E 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNU2j9WDm-kx0Vb4tdO1g_n3zOSmfUU4KKt4EGOiiqd67if5OnFzC6yB2P5M4Xk8VezZbJHCdJUuS8cXxDx2EhPyy5zU8g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9407 		45 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308112021001/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca2d392ec6d2f50fc6da551573044e64aad1d799a8d84e516065ec5b7f26df37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16619
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3714 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1097949119731979318&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3333&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358482986&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1045&dtd=16&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308112021001/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6B04 		492 B
261 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2279931510577245&correlator=69878588181840&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693358483837&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=nalelv4jzp0u&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=507362458.1693358484&ga_sid=1693358484&ga_hid=347547811&ga_fc=false&dlt=1693358483164&idt=652&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
676025def6ee0a935980fa086104a8cb19a38d8c751469231333ce43740a8cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bddc6028702850c1fb546343868fa55d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A05A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bddc6028702850c1fb546343868fa55d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:23 GMT
expires
Thu, 29 Aug 2024 01:21:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 7A93
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OlwsMAf2SL9oC3i-1Hq1Dsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WzrFge9E2oLz9j_0XBJB5H3ZgpLWk3vBOVJ7.Q--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WzrFge9E2oLz9j_0XBJB5H3ZgpLWk3vBOVJ7.Q--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 30 Aug 2023 01:21:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WzrFge9E2oLz9j_0XBJB5H3ZgpLWk3vBOVJ7.Q--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 7A93 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7A93
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=EzXcGjkdQ266soBqHam75w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EzXcGjkdQ266soBqHam75w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EzXcGjkdQ266soBqHam75w
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KHDVM0NPKCE35KS5J5RD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EzXcGjkdQ266soBqHam75w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7A93
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhmMGY5YzM0Yzk5ZjM3ZjkzYzM5YzliM2M1MzZhMjNmYzY2YjM5YQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhmMGY5YzM0Yzk5ZjM3ZjkzYzM5YzliM2M1MzZhMjNmYzY2YjM5YQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhmMGY5YzM0Yzk5ZjM3ZjkzYzM5YzliM2M1MzZhMjNmYzY2YjM5YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7A93
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMUBLV5-5cr_IMC_klMlrlw&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMUBLV5-5cr_IMC_klMlrlw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMUBLV5-5cr_IMC_klMlrlw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7A93
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExYMVgzSE0tMVktNE5ZNg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELqi33fuQ5YSrsu7eh60xUI&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExYMVgzSE0tMVktNE5ZNg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExYMVgzSE0tMVktNE5ZNg==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExYMVgzSE0tMVktNE5ZNg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 7A93
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5dNCQiUMR6iRILgc9cJ0yQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5dNCQiUMR6iRILgc9cJ0yQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5dNCQiUMR6iRILgc9cJ0yQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G5DPSRVJ19X9PE8TQ0FV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5dNCQiUMR6iRILgc9cJ0yQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 7A93
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLX1X3HM-1Y-4NY6
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLX1X3HM-1Y-4NY6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F6639FA3535E4E9B9A1FCFE075040D54 Ref B: ZRHEDGE1808 Ref C: 2023-08-30T01:21:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEGb7tzFTTg1u527y9aA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLX1X3HM-1Y-4NY6
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 13E6 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNVDCs-tXlQjLwUVkipM7papIjG9wCBtMj3uHaClRo6eeLOAo6NGkhXkhiInGQGIEauGoDsryB-hE8_Iuel6gFbcGiSRXQjt7-ioKO4-uMyvk2uzyKneMujL_dz8Drp9Tc72vG9vUv_sE0ogU3VoxseUwTI6ST7Xu2xLeTyj4RxRuHe54kWspPHhL2NEIRhJ04tWIsVt0AXnyqvjhovoD4RX9VXssA
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E3E7 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3E7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CwHVwkIEnUFrMQyOBw1ycb8FS-FtNesm63DUh2VgjUmnQOIquiRRCUI3JFSbYcFhKyqI23ju6NfFdZKiTMKD_XnUYVyF6QE5YOv2F1-saBKA9QtTs
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3E7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13042882315101981264&x=1&ct=77
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E3E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
12919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 21:46:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E3E7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E3E7 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
ubpvideos
newsbot.unibots.in/get_videos/ 		521 B
693 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://newsbot.unibots.in/get_videos/ubpvideos
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.105.43.230 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-105-43-230.ip.linodeusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 01:21:24 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Length
521
Content-Type
application/json
pixel
googleads.g.doubleclick.net/xbbe/ Frame 99EF 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU4_cnJEpbBmMzv3xIL2Sda1xCcwzH1T7JOC0FlKKZC7y2r2ktv83rAp0SwKJvQUsktFGcihvpga8_ubWo-mXtB3obvUqYQ_DUbvFF5jq3vNLXkwFd0qTlQbeTMjag_4-IeZzXatCs6_KH69wPsIAEx1pW_LIpHZhIP2jiC9CU2ygqoBc4CW2mgcRHtK3pBNP6NaSTUEve2aiKBTlwQ6Jwsj7-_uA
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4467 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4467 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5RpxXO0-maDR-QuYOlT9SZ6X-iViYuX2aYqwjmpLlqQOhlDC1F1Fn-zFeTNRI8FOWGvCc7vxya6oOazCj5hwXn2p8uqonNLKxvtN7Ev_3L5nBx-Y
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4467 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2993847580144249085&x=1&ct=77
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 4467 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
12919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 21:46:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 4467 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4467 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4728 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7207625159967&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4728 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7207625159967&version=m202307240101&ct=77&x=13&cor=13092340190901110000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4728 		30 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bgvl1ZjCZW7UiSrv9x2WN4LL4Ql2Fj19HPtFwfkGpG9ZZILH9OWeHcamDaBeHRo6JXH9reOBhFswsBCfUFffcUquwo8P3vF3pHbLvrmR7YqeoWdRNaUF5nkufsPdlj4NKIWA-WmfXKXrSyp8wjtSH5114ztzfp6T8LxHtmIIBPf4bQ4K0&cry=1&dbm_d=AKAmf-BGkHlkHkwgG7movmYg5BBFn7DqxNRlVJWgfyVZZ2tgf30sR5fKZOYq4rFpD2L4K93pPHv7AC1l7vXiGwZFtCyEos82HiMkgD2n5u9Xw-t_5qr_jC-whZzolm00vJYqpjuZ_vItKa-MkyysqGaAkvVGWKTUyGtbmPyHqgSfPVwXyzV87RShvDbsNShbt97XU4Yto-2yuEUV3Z2dAyFadbAGLngvrZLcQ2bwOdjAn3dLJ3BsL_YQoVX8yM-CGxhqH4I-7sWilvXVAX08_vhND5UGTHhk_5pzUZa4tjD34zxEF-_O3eJ9TSI_fbQ9937sB-RTjArliI8F8WQ5LD0fh6eh2q_qPu-AdEdqKVOiZwHwCGbBJQeq81_a1ZiCekZpLMlPUA-9Z4e61UOmYGteZPiCp2VF1Nm9DvnGrKF00Qjv4M6gxPcfV2DjibZglQkrKxZPDC3R0oUzb_AlG8kvwil6n1s-bewFRhcc-q85GVFwhFR1dQWG4fHO0CcoILnLSGyUGnWzuYkmM67FWQhGrjwfYHWKfaHzSRhnB_CrH8LZbRsQ8t5bw3AkdqkK-TOqmI22SPdhOtEA7mL2qJgcJSh2x2TgoLhRMeFWWS2LlCx92K3ID77wFgkpLgDVtgPwIOzHuvhhBbY387ON1I6T4zXbhlKORiWpIRzRO3KmyR0EZnaPbnBTFwiV969Ip0E6ZYqaPa2sjClhHTr2xse4mc6OMQkiOBWpenq1uCMRSUpmzLyAJcSvr0pNyuG4DV7JmXS3rJ-1-CZh_LzyAJcPmvRtVhp3wZ82paMZ_VsOXSG-Vdq_sd7NKL4cwr7ZjajQXgGFZar3u10iUKhZU2dbEfUp8Xz3VX3Aq5_DrvxzwUWylYB001Ru6T81Hb75TauZopSaJo9AByIN9lI-iMnZ6m-vHSdtZ2tafDsHtGZEWtMIyMkEyEZ4fUVDRSbeEUqX7gLzRXX5sUrlIyoYXGG1243VFL5CrZt4P4ESgswUOYGY8cy_Nek7uUkbjuU3OdDXMW7jIClDcrFfFJRItlvxz02ZkJXD4bkzHBI3oDyS8-2RLV0p9iIJWam4llXu5k90OlKK4jKsfqYFSQQ30cfmCOEEbFsfXw6EZyUC_Zorh3oDxeWps1cvXF2Cwwzwzk_bj--U_xq2TsBkBZA64RYot6MVvpMDpxeeC7eY30-a-oqLxeBdvmOTqqbiWmNFfWE-Y-3_t_9VY7NUSf1cwbLFAjkJEd0l0mntN02hNB0-9PoU0nOnhuba7mANGHjYpsJ3BfwD7bcNe4OfqfEbMSRou24Zn5s1g_Pv6GdLSkAuekkhFllJJbyZnRr9MRBvQMYJXpuHhAF7o5PlqaU_5aX6L-pocsIVv1pF9BTQYFjchWSSjDJ25BR-quviH_p4xyDG1oXz5at5eRKpl0IOn-U5wXcFpradvpX4SZpiJiqMsr6BP9rPJZcbdZ0w7E3St6hulqZIhkIoddsjiFahZOaj1k9NnxxuXDCIm8pLnRu29ybIN_1siPwOv_2IaGV3AV5qv9gxOvbK8zMgLoyXTp2lLoxDJSahbMAyc1oCb0XCTwDxl_f6Btph-Sl_J5ivAVo0xAGMxZdBVIAcIDR4J0V6HAfR-msYWLhg1NfcQvGvXz12ecZ3PRSTiMaD9gWj0G8Wc7lEm9UuIhw8Krrjk-FJ4_8SIjjgGb2e14fI4tyFSgn6C2W6beX-A4gLeYOQBKiV9jR0WpX7_fea2JeOHgJymqMPJSigx8MM9cI1qQuNKy8qA6SpxB9gHHlDtbl4yWXR74FXpbjJLajpscet0m058PTbo9xGFsfTv7mLDExU6ZUnZHsBdk5KK4Y7Er6FUY4lc_82KldL1BnCKakZ5LzVhojTIeGXUX0RyFdn1nKRMcJZJCjio1kxmRfwThXFODjbgTcxm1MiKPeCwsjwXbnzikK7YAwgKKbfKv0CVObCIfsMv1cbWOPqkjk0Vt-uLaNiJobXtyzxIbVxb2nT6eJuyiEFZz6Dd27RrKEcxfZD3iDi2Nl2Q5StJ4FYrtguokwmiEfcfH0AIMzDNt_Qv__PJ9fCrYGsD8dEnraeEE9ed50ZeJnClRpxCGClp_jJnpUPp4Hn-htwINinLOsAAQW56CP5znLZJeH0qte5JbzKyxcTwGEIkRHWTDhmf3N7L7ObyJ9NGVasw40ssefAGSwVGrmxPRjOdIoZpaCd_o8bYRdSKdb-dhGqtWufxhLRDNLIW2Wuf0hFmK86_IFISC5otVKJe9M896VotCnKLAtEHlbrix28Rd-5hHhPqPMiUpoRjyh61A9jR_qSf7iazYR7zw1G_qtGQo60pW918UO0iFZ1ofOEpy4cnMo7ieHZdGMDm4SE8UoOvowOFnK3hN8Gy-sKAJkQ19rUrbWIEKlm0Qg_RcBTxHPQ1Dx3ROUCq3i0z49-24ud7tp3bsogjmyAgyOeNQkrlDfvVOhLtsvvzZgQgYFNuHlqrYSoq0cIp9p01xvtjwGsqRM1FZN7k7N7V1kLF9Vj6ZKnC2bt_HuVufVQDYRR2Q5q8Rfqbj_amvvn7UTYyJm5TG4yMo-BrPQgnfGkXkx0lh_CjKwZrT8-KxQ3y-FcZcQxxckrZXYzUuPbWuwR_5Ppxj_Hfbz0uoc_-kcrn3u7zzI5FGo9sXtyamdbbikZA2885WFJsXNEn1dJwf8pzkyDGiU2KIQ_kIBHw8nP9YjZEG969hb1J6hFL2WlKTqUHcWY0mlBNfVsJNbs0PA7NF33WcoEVD1762I9EbFBrAXnKrk3JcP_jhKwl3xUt6wdKEIlMYl181kBo0cxjYytwogMIYzyeDlfAfz4mt4_LulwHbzORqN0BIVt6s5oVWIYAw5EgUNtUGA0ukwU91gLkQD5vGuL1tb0Jt5XoK0FqZkCgPZAZTXYZFb43J2MJl2ANuAi2pPOorodPY3v7FhYNmg2VIQOMIW0bjE4yOSosAUrswUYQzxXhxXhl1wOgzRYto0PlE3jZyn_-YcFN-MPgUcdQN3sJMLddGLOK1zQImMqhy_pGNZD87LFM_ucfZYdIHfukagbA7nVPuKW0k_s58P-bE6JH-bieeQQu9QkqB7ad4U_yqnylsqCNmJEaiO4PtFjZ36a8zvmUR3AbRMk0n6DAkC6ciCeNuVOe4SawryZyk1ddwHu0lLbDOsSyAZqcwids0OV3A3sKOpxoqODH8LYS0t1fKxjzM_JPwcKzZqdf1cr-Fn37s-b07Cp-gvUwoRVPypcT58vEVBJTE9BlAo5bRgVqDMPR0ZUjgvSjvxXB6N_zKyoaZPo4dSzIveTxs5qmd_wPXP2imdNaGf1xenkVsm_a4PquW56LLyBRbUW_QKt1qRvrT26YLF3IWAknWcWoZewWmLl5cBzaDIma_N9X2ZobXJS80drbwBdDPtrIA&pr=13%3AZO6ZkgAAAABpxX4T6Im-FykmNi1urcR-ZGQi7Q&cid=CAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ds=l&xdt=0&iif=1&cor=13092340190901110000&adk=217762561&idt=45&cac=0&dtd=30
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4f7971226f0b06367e6548a5db398e65efe7df740e17e2b91bcf181994361cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18224
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_2_2/infra/ 		876 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
03293e996cb7e1e98e2d39f5b5add0bdcd77fdb8d4ea63339e652fa2008afbde

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1692436128
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
Y451QP1GSX83V4RN
age
74452
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692436129
x-amz-meta-mode
33188
content-length
147314
x-amz-id-2
XM89OctVxBIFYGMx+3rN+5Ou9I24lDBj+Gwn3K3h5u5Cvx7ObiPr4znyuf43SWdokXnjngsVkj4=
x-served-by
cache-mxp6972-MXP
last-modified
Sat, 19 Aug 2023 09:08:50 GMT
server
AmazonS3-br
x-timer
S1693358484.967495,VS0,VE0
etag
"f1640eef15c852f06261850f3ed67f83"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
27156
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_2/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_2/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1692436147
date
Wed, 30 Aug 2023 01:21:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
AE7Y1GKAMMVBE5XV
age
922234
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692436147
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
sfWr+ZlAYa9rS5ijeCGboo+hToSwzklRD0MdxhY1kumcb4+YutUth/UIgNFJxFbLDZiNwXlEJKI=
x-served-by
cache-mxp6936-MXP
last-modified
Sat, 19 Aug 2023 09:09:08 GMT
server
AmazonS3-br
x-timer
S1693358484.929466,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
32176
ads
securepubads.g.doubleclick.net/gampad/ Frame A4E0 		492 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3423301451663690&correlator=562638593591799&eid=31077475&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693358483927&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=v2s9o84vgb8e&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1135863398.1693358484&ga_sid=1693358484&ga_hid=1099174065&ga_fc=false&dlt=1693358483166&idt=751&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d325ab445893189545ab5edb87543c8626b77f45abcbe45e874047373930dcce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a988d8e92c02044dc6e85070af069dd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6DC5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a988d8e92c02044dc6e85070af069dd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:23 GMT
expires
Thu, 29 Aug 2024 01:21:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 13E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECcNKhKiITFahf54s8FYz80&google_cver=1
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECcNKhKiITFahf54s8FYz80&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNVDCs-tXlQjLwUVkipM7papIjG9wCBtMj3uHaClRo6eeLOAo6NGkhXkhiInGQGIEauGoDsryB-hE8_Iuel6gFbcGiSRXQjt7-ioKO4-uMyvk2uzyKneMujL_dz8Drp9Tc72vG9vUv_sE0ogU3VoxseUwTI6ST7Xu2xLeTyj4RxRuHe54kWspPHhL2NEIRhJ04tWIsVt0AXnyqvjhovoD4RX9VXssA
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liVFziSt1CiTkXMKk14oM4nZeJXmYniVplIIDahBGjw83rjmWN3CsJgeknXb8OHDtRMUMvGm9pyOThTwrb4%2Fg1LyJmgqnSIuGfnGMj5JqPGoIRGqGUMrqHPavpehqjxBB1ccCqrFiwJdaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe9377dbaff0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECcNKhKiITFahf54s8FYz80&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 13E6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO6Zk-k6rGJK08KKXgKetwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECcNKhKiITFahf54s8FYz80&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECcNKhKiITFahf54s8FYz80&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNVDCs-tXlQjLwUVkipM7papIjG9wCBtMj3uHaClRo6eeLOAo6NGkhXkhiInGQGIEauGoDsryB-hE8_Iuel6gFbcGiSRXQjt7-ioKO4-uMyvk2uzyKneMujL_dz8Drp9Tc72vG9vUv_sE0ogU3VoxseUwTI6ST7Xu2xLeTyj4RxRuHe54kWspPHhL2NEIRhJ04tWIsVt0AXnyqvjhovoD4RX9VXssA
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5fV0UruGyFgZ6UDCVkS6Gmc4NX9StO%2BVW9HLpfnbJMqYqZ%2BBHrKErNNbIXnxsksmAAA6eBDEhgMXG%2B3IGYASrdR63OZF0MelH9u6CXtuIEv7K0956RbWfYppwT3heMI1GsjhqFyl9rh2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe9377febfe01db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECcNKhKiITFahf54s8FYz80&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 13E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ21WpPz7otARf9ENOi7qHU&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ21WpPz7otARf9ENOi7qHU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNVDCs-tXlQjLwUVkipM7papIjG9wCBtMj3uHaClRo6eeLOAo6NGkhXkhiInGQGIEauGoDsryB-hE8_Iuel6gFbcGiSRXQjt7-ioKO4-uMyvk2uzyKneMujL_dz8Drp9Tc72vG9vUv_sE0ogU3VoxseUwTI6ST7Xu2xLeTyj4RxRuHe54kWspPHhL2NEIRhJ04tWIsVt0AXnyqvjhovoD4RX9VXssA
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
an-x-request-uuid
df6eef6b-1e7a-43c8-9a2b-c95e19887a4c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ21WpPz7otARf9ENOi7qHU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 13E6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1Mzg1NjYyODQwNzg4ODY0NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1Mzg1NjYyODQwNzg4ODY0NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNVDCs-tXlQjLwUVkipM7papIjG9wCBtMj3uHaClRo6eeLOAo6NGkhXkhiInGQGIEauGoDsryB-hE8_Iuel6gFbcGiSRXQjt7-ioKO4-uMyvk2uzyKneMujL_dz8Drp9Tc72vG9vUv_sE0ogU3VoxseUwTI6ST7Xu2xLeTyj4RxRuHe54kWspPHhL2NEIRhJ04tWIsVt0AXnyqvjhovoD4RX9VXssA
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
an-x-request-uuid
d8d0dced-a5e9-4bab-929c-1c4ad492eca1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1Mzg1NjYyODQwNzg4ODY0NQ%3D%3D
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 99EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHf4o5mGRbu1Z4gHbGdiyUc&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHf4o5mGRbu1Z4gHbGdiyUc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU4_cnJEpbBmMzv3xIL2Sda1xCcwzH1T7JOC0FlKKZC7y2r2ktv83rAp0SwKJvQUsktFGcihvpga8_ubWo-mXtB3obvUqYQ_DUbvFF5jq3vNLXkwFd0qTlQbeTMjag_4-IeZzXatCs6_KH69wPsIAEx1pW_LIpHZhIP2jiC9CU2ygqoBc4CW2mgcRHtK3pBNP6NaSTUEve2aiKBTlwQ6Jwsj7-_uA
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHf4o5mGRbu1Z4gHbGdiyUc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 99EF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzE0Y2U3YWUtNDVkYS0yNzhkLWMxMjctZTBjOTZlMDlhYTE2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzE0Y2U3YWUtNDVkYS0yNzhkLWMxMjctZTBjOTZlMDlhYTE2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU4_cnJEpbBmMzv3xIL2Sda1xCcwzH1T7JOC0FlKKZC7y2r2ktv83rAp0SwKJvQUsktFGcihvpga8_ubWo-mXtB3obvUqYQ_DUbvFF5jq3vNLXkwFd0qTlQbeTMjag_4-IeZzXatCs6_KH69wPsIAEx1pW_LIpHZhIP2jiC9CU2ygqoBc4CW2mgcRHtK3pBNP6NaSTUEve2aiKBTlwQ6Jwsj7-_uA
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 01:21:23 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzE0Y2U3YWUtNDVkYS0yNzhkLWMxMjctZTBjOTZlMDlhYTE2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 99EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEMz-zjcOtU-2MAQHPziOJsg&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMz-zjcOtU-2MAQHPziOJsg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU4_cnJEpbBmMzv3xIL2Sda1xCcwzH1T7JOC0FlKKZC7y2r2ktv83rAp0SwKJvQUsktFGcihvpga8_ubWo-mXtB3obvUqYQ_DUbvFF5jq3vNLXkwFd0qTlQbeTMjag_4-IeZzXatCs6_KH69wPsIAEx1pW_LIpHZhIP2jiC9CU2ygqoBc4CW2mgcRHtK3pBNP6NaSTUEve2aiKBTlwQ6Jwsj7-_uA
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 30 Aug 2023 01:21:24 GMT
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEMz-zjcOtU-2MAQHPziOJsg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 99EF
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTZlMTc4MTMtMzIxYy00Njg0LWI5YjYtYjM1ZTZmNGFiN2Vm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTZlMTc4MTMtMzIxYy00Njg0LWI5YjYtYjM1ZTZmNGFiN2Vm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU4_cnJEpbBmMzv3xIL2Sda1xCcwzH1T7JOC0FlKKZC7y2r2ktv83rAp0SwKJvQUsktFGcihvpga8_ubWo-mXtB3obvUqYQ_DUbvFF5jq3vNLXkwFd0qTlQbeTMjag_4-IeZzXatCs6_KH69wPsIAEx1pW_LIpHZhIP2jiC9CU2ygqoBc4CW2mgcRHtK3pBNP6NaSTUEve2aiKBTlwQ6Jwsj7-_uA
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTZlMTc4MTMtMzIxYy00Njg0LWI5YjYtYjM1ZTZmNGFiN2Vm
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Wed, 30 Aug 2023 01:21:24 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 6760 		210 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1972798c947d6ce0d3407ba91a934821091694f168ca2b7de512be1eb70e866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
196
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 80CB 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a53a9787a025ade8a74728f7add74712fa5bf40f10caa688f01d367afe418b76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12083
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 67F8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:24 GMT
expires
Wed, 30 Aug 2023 01:21:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:24 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		263 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5be6bcc84ac72b32eb82c411cb86b875a40c10ef67b22c9a7c40e5efabaf2dc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89458
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 01:21:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3E7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4113151707455&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3E7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4113151707455&version=m202307240101&ct=77&x=1&cor=13042882315101980000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E3E7 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqcqnnkLCO_yEA_dUPa6dhVoUiO8VpS-oZGX0Ir2tAIM5BTigHkFOWnNLBGNuwiU0pqBBtI8M9Xmy_JPuRzYmVju1_SIY2sFizycWxP76KEeDEAW0tQxPvL4rfSDMKExHBbBIEomrv7L2iymnKM2y_bSFjupYkUdOmxILgsSRRPjQwqso&cry=1&dbm_d=AKAmf-CP9RvZ-rShTHOrfp3vFK7lRc9wErSGy-Q-4kFkqGweAAB5WB-ojXRIP2U98MCqv36HT4mH7qN-jlVQn_L1iVn1Xew2fydX10LHIe-blCktiarMReACABXGW-9zTDoS7kDk9t-0K_OEasxwwfcWu-wlqLRDT6sci2lPshJER5_OeYIKEYRX9wZqMBTUwr6BMwWzKFXRKfFf_Nw3qFKWezSP1Ok7_vfMkXIJnWguoXIjycmxHl2sxiK2iaNEQgo5xwcGshTvSK2u94gdVSkJtldaVsNRODuWmhYtegw7g_pqaiSo05iRmCkyxZIhL_4WGxc0p48K79e8sZRCepz-epKnMtRm9Shrf7dbGrcSbJTYlgktFRMxPctieBCRapM7VRgr12F_TJG25QaFu194vDi0px4_d3bspXGEAZ5qAp_UK92eqCYyVf5N2qpHxb7JPIKi3HTK31rYsWC6cwAwIhjtwcLq-0EbeOV82QRzNmCRxCewefGmL6R8t8gEy_xK1SM3_XrnzNykq8_eOpB9BCHbdg7U9zCjIViXxmD3rppCnGJHwblU6W1GJKLzJbZk_zoJRkWF-wsIq1qEZVD2Gvpz3pt0poMnzMf310DKVd6K-K_znwcpMQgMo1UXAEZ7ADXQu84Wr2gSdLNNpc3KzLjx42DRxp01qEniP7ELmqOnTohRnvS-xwt3h-4iJpKgqem_v3Qc1_Is0FYPJa9IdZWtVzFoQa3O7qC1qSO61az_IJ0YvDelwBD682941XicI_MfdvuILbiVNultSqxVazPHD2gYCw1JvW_AKGSGAsuat5ZxR5jXzY6QNiRs0NiVcvBkG3JtzP6b8Mp5FOZOqa2vCdWxgBjmPenC0uVLF81MU0Zl1rLIvtyHZu_Uv8qR14w1HCbh-plP9XLgsgqBD-ErabRupbwkKPJqYU0biARHNtHumKVVrbaSthpZiRV11UCgmfNTBS-GJa4HizHwjyTjvujV3ZouOxkZpKKMYFEP8oK3pOy6f_lq1WUtvr6mJCNpenf0pm2ZdcgQpVi-MU1lQkQ7x_NBL8LZi85vuD8HGxVSbLXvE1XH9KHXeQegIQGy6kGWAE8p2jZDA0nAYT6PEcNKabg_JcpKfQllBgH_BKteCsrKWV8m8wiIpQX7o0cOSu2cgNtPpotDoj7M9eIr_GHp-VmQboTjrHV7cuc2rAMZlKr4cxQ1Gl5AR9tAEgqEeNWPpIw6-6kzPdd1seKPd_v3Cu7J1_rbN-E-9eBlmI0w4XH75X30ZjwWaoFgyC1641G-l66abNyMCSOnc2AguWVDRuXNlJaP8MbalcuG6LkqpxfboEvgAPn0qna3ezKo6u5cKDKHJSFrQsSytgiFZGJ_HMM6j7zXD1DcS-trTAoiX68DxreeZqkwhYz5KCVywTKLkk-2Ps5rqQOXtF2fHJJYii-xnGS82mp9HTyasvRRiYLgVYEu6qU3DemKeeonx7mMuchWNl3B4pNLh4bnGps1FEjEhjkmM07y-pdMosPIHARIIIMxxYil4Ttr4epJ4ZuWb00rND5-i4mR4uQhSQOM6Yf5Eb6MxoNkaDWn-MwMr3ErNb0KwguBRXV0hirEREpCud6k1ewM1KbuU2EWSABcGDU7Wwn5f7K7qUH0BbuieOtbhhEztP4He2UE7VUb4C-mVaHwzBuKM-mKZdBSmK4xzY4Ra4Z4xluWxfHBQKusMUJCyKF1ux-pdWdzHFf6WBUZYeHUZvfPLk6P3pDM5_mjBPFjsKu4BVUByPEf1LWseA7pkua5LR6G9C5P_MQ-aRrXCgPD2oFzDUqZ2nJQVjOc-2eHJ61dGYNWdKL1i35HI9wewpTzkJx6pnCXpBqSzuucEWrunrlJgLXbUftLoAW6iAx2whh7Ys1hVaNzoSWmkY4Fp9KlQZ-qDQpb3j0nzsOCNM3QKhv9Rx7WwJWTQXlpy66wmhsH9h-UHGDBxEK-bUdw9XYqxQOpqnbh_W5UfFzSXzfI2dgO3_jk4tZMROReMdHtRzxI8g0IY38g5AOoETr2F6115TBK7SqOFwoHpgLOxpf0LaupPby7C9JtJ1x4hVCwbmXk6HibE6gpsFEKJxQqJmMNTrWUZ6iHwcCvN2h4NjjYPHGh8lzTPkb0KW8_0iseVH_yJkSK4p9-nHKytSKlLX6wRZ_FNkTKIHuK1jZ0k2vWtJRZ4aa-FuC6J4CcWyZsQydqR_fjllctI-ettYYTi2s9E8yJVsHPSCkaeJvvwlirGYluX1yQTjBhezwIf5TQI8iQsLYQ35FTPXi_HIKBYb0ohmsv_Dhhlyi7V8n7ZBUFGO9Fw2xddpmvIkTgiG2nURXqsu5zyjyBo532TkEtVRfZ_xAXbSrOZQEIj1p3yTDHnnqtESBKCVCeuRXYou4d48CMWKZyacQ286Fig29vjCWOkshclVcJCd6b5p7netUL6G5ep41LmK_f4Hr1ZwsAsFg8wcBu-_DGeSGz_ba5vAeb-fkPcsbdisnzUzEJ_3bKKKvrbAUUbxFeufO1ESGfEiwA7VyXuSek0lCafPqRqJjevaoWOK9N8xOuZA7WcAIhMyS7fAXj1AT393hSJjklX03c_tZEDVnIhLeAFva6kzBqaIg21ckUiT7_AA87UIKULgs_vxKcJTbItj90lydUR9Tey5LShWpR0H6sodK1RxVYHQj5mzCHPdSophXvafVfiY_RvqKZce3lfmBnPCAnXE6jkB_Rfl4lVHPvpZ-0brXNcITfASpk4ymTd1NK5RDMnHhULBSVNhCPf6w0gcikTrlenskgR3_T7HLtkcPuBrD8SCBr1jYqnONqpNLZCXGIFjKev8GAxgoxmPacOFKiyNdnBuUIlUcYI1g9-dFWmgCE4buDiQTKo_qerM8KIfCrd5voiDgtxmcM88dhDvgk1wPG2UIyha1yt1FMw6JXiOsBao40oSCWp6E_Wv6uT7laSasRbC7Z418O4WRgGZBHruxR6s-twVkGx6gLmCMe8QSYGefY0O2w1XpN6se5dT01ZyS2XbpPEEgSXqvOjYpZz75sNHG8SVYZ4obuvIGTuxrwdnth11e9FUwZQ4CUrXPyIT3Pc4De1GLgszde6Qf3XnsNKNC8vT8bjOwDzzmbkTpakHyVnN1RumFtnMdntaQidwKVd_Zpcapmol6sQR5wYi3HuP-n7igv7gpUr6mQMt0oQSb79I39zBTk5N8QxLIJpwQ6DeBPYuGPDVR_S5uTHqMeV6s6-bYqQdGRtrpcV4tbDKHBRCQ1j20vJ9nQOsO_Z52AdcQDNwsgOFUivl8AoX4BgjlZs2A0VVHZ9FjpYzxx85XreT2Zi--Dk8SxgFeWI0a2dgcnc3W3VjIBzIue1WBM3zk9k3pepWyB241IQiBPcZSfh1QkRZH91jW5Pzs2UDuArkTTK8KtSkg2Qipjd-jnxa5fg_Kotmf239_-NKVwNhS_ZDNzQb1cD_qb62G1DwIxAk1gMvEz5jhoQ512ox7_O8V4HTx4Az6-WoFQrDmr760N2h_xpRTO2dX5gjC7b4p3lz-b9FyYWCYfD2BAIr4NHYSpSuM27xHDtvnPCsRuPkzmvrc7fNF0oIB3JFizQ45TUf8yAlAqQ0Dwoty7h5w98PD10ZatDTcqa7R7BkMtQ1xSP50BWpsl5Gx1Eqzx7HFauBh2Ns53domEN6qZ3kFB_HVqJMLdPf3BZnAgahH4nUCvA5xxOZp2yrlyyzoDMEoDzm5p3ygNTvdXuPVTe3cl_71FIVEmSXkObshfOM-QGz1c4eF5rsSR5gBajurUw6H-xwsHUQk9A-D2DANk-G22-N7Psug6tiSDrvUnBKcfHOoWbgJeb2jCaqN4Ux-fEva8thD6ovlWa-2tC0m2E4Pi5LVDiFWdsxnIv4v5I3lhQAMBasM_QyWkmGLDzTy3dOQASuM9-OvQeBROR_HuDxFYCQMcaxXSsANQCbJR6ro1VE1kupXxvAP4aOZd&cid=CAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13042882315101980000&adk=1033480531&idt=41&cac=0&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cecad6a1e383ca19d5c150f7d5841030f88b9aae1b49620010f6b58c58c31f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11984
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 99F3 		210 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51d580ee371be5650197f21f47a40118b54a91aec835cdd835dfbe0c40732d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FAB0 		86 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5036dcc7ec8f270dca4085218407fdb04bfae79a0875354ecfe798f7b26b5055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
33070
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4467 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7264780501850&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4467 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7264780501850&version=m202307240101&ct=77&x=1&cor=2993847580144249000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4467 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DyapTsQdAobKGRw0tUhLDNm_9oUJPaMWjABqCMkv1XGB_gQHvwi_haksDfOTRmh9YQM0qG4DQ9eC6N46J9zNa3639K9K2c1MJunjfBoxXBOD_g8wa5LEEgz_ArQYy_ssDDBS6T32DNHmbJ73q0mzNrB0kK_Kq-BabTo_r8MxuxqIcHbiw&cry=1&dbm_d=AKAmf-BtEXENcSOp2Qa-uBOekbE_mWICPjuUMgBy_piwmIeet6FtR6u7ur02nGVdeGeNRH5fn-bte-luwjoTRHLiCvdSLmY6WLYxghkQ2T5f1p0rLJiUxIG4PYk-e79oiorEYLMQSoV68Eo8Zsu5wbOVQsjGVKUwJ05CBFpb4PrzKsL437EKkbDEMEKAd3W1gX1ogo3Ti4dF3KMqjWrmxI9PTfDwS5_Y9k2TAtWBlKoeow3t8_Uw53d_p9oqaGbZY7AQUNfhccJyGNbCKcoEPRCOdAh1NTjaXtXunXyaHh4fqxpT1pEdAzuGWkcy5KtEU0CriuQJmvwe9V8qBxebX1lXOvZmsNmZpTBeLR025nD5AQMG-anzLbWHt46Al8NcXokecbag9afYFkodrmNfISQYaYM7JayJ24PRMmsdxALGC00uojIoC0_-Cs0QiH8hFZO9XyUY0IapwKvnAw3pIwiG0tcbM85DDE4rJhkAaGmGCD0AHx1hIWk4nBwrbLsL2MJhaoGFE1p_9jI10LQtKgkv6Uj0EKvKgq-tzV4s4oqH5vD90hYO2qP5SQtSSfUQihYfT9QenDHgaRKq7nxlBTpv7FZV50mCfI3mehCHsgZRUOW-0MYEMola_i1o6L3N97jiSrpPlwJ91rtzzFKlfOFcLE_1BF3zZGAJ5rc8t2hTcrD006HdydTQTcvWDuQmjVSUmVUplO0f1zU4IFjwdjN1J8783rCoYsWXK49hC7nLko36TorB2cC27i6Nr4BQPhO_jELwsFzhzJngISB9u_bEWNzQCxIS61fNyMGvMNfENZFuAHDgORGZTEi08y1jN_s0j6P2D_jVciamhnsf0Vz3fIlH1_KXdLSvTaJDtXrkdh_SEqAhw9KOSP-bX5-MMkJNLCDfwa3Vzpt_TxcuDoHJtjN-FfQTk6JP-zl1Cbae9AJ2mKb0wMzkREYCW5A4g5thH2ILME18PfdJb5BjtZHogS0-ln-JrVzleEvjwgN6YfmQrJ0CmTBCenSMvkxvtOoTBVX5QDTlWRtl_E_ygyPXw3Z2GjxYYOtZCwZNikvVo65pGdIaBJCBA8OWJbk4RBUHgB7iOUZ6CtWByF3HvwcmB7yVVUPt9irnk-fjVRfQj3GwmzKci2XhLzXJjPAfXCWqmrgyMLs44HTW23PNIE_6N0v9Fu3A3mNx27LoZV1RfbI-Vj8sRB7LR_C7_u2ZPnMDPqVlPUgl4-LRGrui8xkXfr3iGs5wwcqzLDYf5BChSzaAskf1tTiBPdq2V84LqAYxlK_SVc96axVc94SZJ8CF2XWSnY-Gk9OTXy1leMGjpyplaGS7881z_HUjPtMO8nE3VaeLC7NN1WTqixVPLjX2iKqxUqu-Jz2j2ASm5eMGRPHdPb8pstjgsrGaL7UkGH8D0wy5KrdF4fxNEepmAW7sXUt_aeh5UieZc5Ia2yxjy0ZdthTAn0e0Zy7dqrfrE8Rv-MvOPSEbjJ3kAqOXBEOg7xMQxNRbISJcYLYUHAAH0kIxrFjISF5TV6mh9BQfMy10s4BVjV1og06qC808eoP0QeIFu8RRN1gJ6-MFzDDoQhYC2kz1wybKsn_3xBVIr232GZMdoiu9NbIXb7RhyRv9z8_HXtsmgEnl3gIMJRB59GV_mqUYYi7UBPRm8O8OVjh9D2zv2_IPeucxjLSGJNYJR1J-Mk6D7BBrs_5e_9oywHSEIp3DHktjg7wnaeyfJYzcImVg4MqYn2rN6cvxYi8ls93rAXDiCR-LylTjdFITjjGLpFsRiWT7VHDlvU9R85zU4zCOWXMUg09H7V4h7pHjD59enDbW4WVOgNTDaJtoUUA28gILKdI1RdU9uHCkFHEGWA268rMeSK5_oKyVAr3k2qNMgTxzLxHRSYozJNIh7CCUgw1Y6zqzdUC7zildm4PUR5mA9yuflFmY4iiHMB3xwBgLhgUsmrIyGMY5Lyx9uIV7LFFK5Ztjh0yIOztk9_a5V2__jj_JtGYn3KTgJBsRx3mmY-7zZnzOSO_Omw8Ij75mqcRnnDS_1yrrWOIytBo-BBANyK27Xt5VzATMOr7vXWkhyElDpAhu7edAVFNUo0j-iRTKMMeatSn2zyqUnKZJmy6xo12ItABOJYVScC6qIRz6xVLur_fsBjyJ7eQSn30BqDZYbRe4D12h_8599e-cvrLiiu6l96sJwU-4VweZn6sul3Z_BRoaH2PaxU4xJ8AAWn5zesnTji4hPBRlpDwh3MeDdm39P9vOTBPX23U3mPN63cMMv5OGBzrJr7Fuh2tN0c_wMPfBsA0D6PeME1w3j9Q94XY4dfXDkBoq4E0hdF2xHNDQXbdq-k0nl0676bCioV1fhLfKRZsvsy-n0RCQSVemMzDVW0ANSziaxlhUKk8eDf1EvCaTBp6qAs67UR5a48KhGrJAbLR1ja-CLa2spCoyNKGbMAywadpuyOv_L8ThPdtNi6w2FvNnVME_okHd-OYyp37Ke7-PXGXGR8geFUmC8vJunOAAusZ9WW50sOEVe5alj8s-3Ot_6FjvyMb9VcSkTrSW-z9bt7GU_PpReHQc-i6OP_Ldm0zIwvNW0EOcy976hDtJp0vMWmI2qTmE96dLSlVFPMQdEtWqjOX0HfTq9wmU27q7FKLa1wpYXRv2UfX9UgaRMbxwInrSHa6WLegn7NuNoPzZuhghgxFTdSj3hLF8S-HCyP0lq00X4GT7I3-21CQn2I4Gxsc5wV2lDKlMToJCejH-m2FC__5CtTetAaX5jll2Z_zq76ClOewW_Y3ZwFdVRP1JRRIDJYphYYeYgNCB6C30KIUC_wJrZOxockaHeZWkNy0YaBRa5nN97RptAAytA7m33GG_959kMC35MrwtEmUZmGnWN0mMyqgEU5DTYBWUlDjtz9oKxiv6xHRROicRS1aHrfrNJprxo6W14umkKwHr8sboh2mtyUwOQx3cVUx85sh-TZylzxOmH8dI9yl8bTUZBvtfy5Svv_T1qDKJeH5zqBWUR32zOiEAa5HMGlanAUrTSki8LsuIe4xrwceGMcl1JLeVUoHUyZuJPEqeHIaLmi63VMF1NXp8E_-5IKIhY1LLtkxlBHgacyrdbKmup718o38fSM0aKg1YWqsktBE2KunQ_7Indj2vuI-So-KSdMBgeiVxRG59u8BXHyWQBklEcj11PWe51bSSngOa0NjyZPuoUvVSwPI9qgrYYu9pEM0YdxuQ5-GBJAjYmhC-lWd-hmlOAFdup_2oGZRXD_tUKX_7W8ZHnJgNZgREtDJO6F1NoqLmBVgWKFKuiXbnKlputiDcfv94B1JZaBXotJUnqKqn0U2DMbr_9ET_OkeI67ZMf-3AG7trEY5qhQvxWdTkv7-KcGsBs6qwr3K0aOPyItaVi3sIjWWI6QiGYNv5_uV2OvGl7hGGpkhOki2KKyQmf_Qxc_7mr4vjyLdNAlBEeGhjI7yTXuFXOB8EVj6Qvr_ylxXcG819CFxi32eWop2Xx2yJKsEZvFQGhBl5rgIXg2Gor6PTWl15G3TJjO6kaFyikLYaBlPor9kuQZSV9uC5SCC1K4R2cF_Yaik704rts4Ktk3jedbBPvOj5lbSX0fFzEPQosi-M-v4AOElQhnKFxtNZuHNhj6b9yENSHaGL4evjNLrz7FDbknIVtkJbZwPRxebfeitsFEc6aEJ0Pc8aFCJCFtiYZnDTBQYVJ4bKi35pVc9gebSRm-bwxb38wWFKXj_vLVC7tU_3U1d0RuhRXRyWVExvbCsWJkwYkPW1CC25eSju14r1udpd9DYyELW0E4u9ELwadXvoVpOxQl97I2SMn0VpGRhHyluZ2V-3xhjSo7bNFEQe3YRxC4Il63xKrHg-1nFkx1Xy_kxfBoWNhFl8TD8W54T8rv8VDrIrDsRkDwX-ZizeDFt9psxI46zyurbIT7r2JmzBrWunlLzED2B4YRNOPAwsd9-LosPDgOCcGj839GdG4yKR&cid=CAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=2993847580144249000&adk=4188270525&idt=55&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8963be88e36887565320e04c7dee61fc73cff6f6521938bb13adaefe6559347d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11808
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 4728 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bgvl1ZjCZW7UiSrv9x2WN4LL4Ql2Fj19HPtFwfkGpG9ZZILH9OWeHcamDaBeHRo6JXH9reOBhFswsBCfUFffcUquwo8P3vF3pHbLvrmR7YqeoWdRNaUF5nkufsPdlj4NKIWA-WmfXKXrSyp8wjtSH5114ztzfp6T8LxHtmIIBPf4bQ4K0&cry=1&dbm_d=AKAmf-BGkHlkHkwgG7movmYg5BBFn7DqxNRlVJWgfyVZZ2tgf30sR5fKZOYq4rFpD2L4K93pPHv7AC1l7vXiGwZFtCyEos82HiMkgD2n5u9Xw-t_5qr_jC-whZzolm00vJYqpjuZ_vItKa-MkyysqGaAkvVGWKTUyGtbmPyHqgSfPVwXyzV87RShvDbsNShbt97XU4Yto-2yuEUV3Z2dAyFadbAGLngvrZLcQ2bwOdjAn3dLJ3BsL_YQoVX8yM-CGxhqH4I-7sWilvXVAX08_vhND5UGTHhk_5pzUZa4tjD34zxEF-_O3eJ9TSI_fbQ9937sB-RTjArliI8F8WQ5LD0fh6eh2q_qPu-AdEdqKVOiZwHwCGbBJQeq81_a1ZiCekZpLMlPUA-9Z4e61UOmYGteZPiCp2VF1Nm9DvnGrKF00Qjv4M6gxPcfV2DjibZglQkrKxZPDC3R0oUzb_AlG8kvwil6n1s-bewFRhcc-q85GVFwhFR1dQWG4fHO0CcoILnLSGyUGnWzuYkmM67FWQhGrjwfYHWKfaHzSRhnB_CrH8LZbRsQ8t5bw3AkdqkK-TOqmI22SPdhOtEA7mL2qJgcJSh2x2TgoLhRMeFWWS2LlCx92K3ID77wFgkpLgDVtgPwIOzHuvhhBbY387ON1I6T4zXbhlKORiWpIRzRO3KmyR0EZnaPbnBTFwiV969Ip0E6ZYqaPa2sjClhHTr2xse4mc6OMQkiOBWpenq1uCMRSUpmzLyAJcSvr0pNyuG4DV7JmXS3rJ-1-CZh_LzyAJcPmvRtVhp3wZ82paMZ_VsOXSG-Vdq_sd7NKL4cwr7ZjajQXgGFZar3u10iUKhZU2dbEfUp8Xz3VX3Aq5_DrvxzwUWylYB001Ru6T81Hb75TauZopSaJo9AByIN9lI-iMnZ6m-vHSdtZ2tafDsHtGZEWtMIyMkEyEZ4fUVDRSbeEUqX7gLzRXX5sUrlIyoYXGG1243VFL5CrZt4P4ESgswUOYGY8cy_Nek7uUkbjuU3OdDXMW7jIClDcrFfFJRItlvxz02ZkJXD4bkzHBI3oDyS8-2RLV0p9iIJWam4llXu5k90OlKK4jKsfqYFSQQ30cfmCOEEbFsfXw6EZyUC_Zorh3oDxeWps1cvXF2Cwwzwzk_bj--U_xq2TsBkBZA64RYot6MVvpMDpxeeC7eY30-a-oqLxeBdvmOTqqbiWmNFfWE-Y-3_t_9VY7NUSf1cwbLFAjkJEd0l0mntN02hNB0-9PoU0nOnhuba7mANGHjYpsJ3BfwD7bcNe4OfqfEbMSRou24Zn5s1g_Pv6GdLSkAuekkhFllJJbyZnRr9MRBvQMYJXpuHhAF7o5PlqaU_5aX6L-pocsIVv1pF9BTQYFjchWSSjDJ25BR-quviH_p4xyDG1oXz5at5eRKpl0IOn-U5wXcFpradvpX4SZpiJiqMsr6BP9rPJZcbdZ0w7E3St6hulqZIhkIoddsjiFahZOaj1k9NnxxuXDCIm8pLnRu29ybIN_1siPwOv_2IaGV3AV5qv9gxOvbK8zMgLoyXTp2lLoxDJSahbMAyc1oCb0XCTwDxl_f6Btph-Sl_J5ivAVo0xAGMxZdBVIAcIDR4J0V6HAfR-msYWLhg1NfcQvGvXz12ecZ3PRSTiMaD9gWj0G8Wc7lEm9UuIhw8Krrjk-FJ4_8SIjjgGb2e14fI4tyFSgn6C2W6beX-A4gLeYOQBKiV9jR0WpX7_fea2JeOHgJymqMPJSigx8MM9cI1qQuNKy8qA6SpxB9gHHlDtbl4yWXR74FXpbjJLajpscet0m058PTbo9xGFsfTv7mLDExU6ZUnZHsBdk5KK4Y7Er6FUY4lc_82KldL1BnCKakZ5LzVhojTIeGXUX0RyFdn1nKRMcJZJCjio1kxmRfwThXFODjbgTcxm1MiKPeCwsjwXbnzikK7YAwgKKbfKv0CVObCIfsMv1cbWOPqkjk0Vt-uLaNiJobXtyzxIbVxb2nT6eJuyiEFZz6Dd27RrKEcxfZD3iDi2Nl2Q5StJ4FYrtguokwmiEfcfH0AIMzDNt_Qv__PJ9fCrYGsD8dEnraeEE9ed50ZeJnClRpxCGClp_jJnpUPp4Hn-htwINinLOsAAQW56CP5znLZJeH0qte5JbzKyxcTwGEIkRHWTDhmf3N7L7ObyJ9NGVasw40ssefAGSwVGrmxPRjOdIoZpaCd_o8bYRdSKdb-dhGqtWufxhLRDNLIW2Wuf0hFmK86_IFISC5otVKJe9M896VotCnKLAtEHlbrix28Rd-5hHhPqPMiUpoRjyh61A9jR_qSf7iazYR7zw1G_qtGQo60pW918UO0iFZ1ofOEpy4cnMo7ieHZdGMDm4SE8UoOvowOFnK3hN8Gy-sKAJkQ19rUrbWIEKlm0Qg_RcBTxHPQ1Dx3ROUCq3i0z49-24ud7tp3bsogjmyAgyOeNQkrlDfvVOhLtsvvzZgQgYFNuHlqrYSoq0cIp9p01xvtjwGsqRM1FZN7k7N7V1kLF9Vj6ZKnC2bt_HuVufVQDYRR2Q5q8Rfqbj_amvvn7UTYyJm5TG4yMo-BrPQgnfGkXkx0lh_CjKwZrT8-KxQ3y-FcZcQxxckrZXYzUuPbWuwR_5Ppxj_Hfbz0uoc_-kcrn3u7zzI5FGo9sXtyamdbbikZA2885WFJsXNEn1dJwf8pzkyDGiU2KIQ_kIBHw8nP9YjZEG969hb1J6hFL2WlKTqUHcWY0mlBNfVsJNbs0PA7NF33WcoEVD1762I9EbFBrAXnKrk3JcP_jhKwl3xUt6wdKEIlMYl181kBo0cxjYytwogMIYzyeDlfAfz4mt4_LulwHbzORqN0BIVt6s5oVWIYAw5EgUNtUGA0ukwU91gLkQD5vGuL1tb0Jt5XoK0FqZkCgPZAZTXYZFb43J2MJl2ANuAi2pPOorodPY3v7FhYNmg2VIQOMIW0bjE4yOSosAUrswUYQzxXhxXhl1wOgzRYto0PlE3jZyn_-YcFN-MPgUcdQN3sJMLddGLOK1zQImMqhy_pGNZD87LFM_ucfZYdIHfukagbA7nVPuKW0k_s58P-bE6JH-bieeQQu9QkqB7ad4U_yqnylsqCNmJEaiO4PtFjZ36a8zvmUR3AbRMk0n6DAkC6ciCeNuVOe4SawryZyk1ddwHu0lLbDOsSyAZqcwids0OV3A3sKOpxoqODH8LYS0t1fKxjzM_JPwcKzZqdf1cr-Fn37s-b07Cp-gvUwoRVPypcT58vEVBJTE9BlAo5bRgVqDMPR0ZUjgvSjvxXB6N_zKyoaZPo4dSzIveTxs5qmd_wPXP2imdNaGf1xenkVsm_a4PquW56LLyBRbUW_QKt1qRvrT26YLF3IWAknWcWoZewWmLl5cBzaDIma_N9X2ZobXJS80drbwBdDPtrIA&pr=13%3AZO6ZkgAAAABpxX4T6Im-FykmNi1urcR-ZGQi7Q&cid=CAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ds=l&xdt=0&iif=1&cor=13092340190901110000&adk=217762561&idt=45&cac=0&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
40489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 14:06:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4728 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bgvl1ZjCZW7UiSrv9x2WN4LL4Ql2Fj19HPtFwfkGpG9ZZILH9OWeHcamDaBeHRo6JXH9reOBhFswsBCfUFffcUquwo8P3vF3pHbLvrmR7YqeoWdRNaUF5nkufsPdlj4NKIWA-WmfXKXrSyp8wjtSH5114ztzfp6T8LxHtmIIBPf4bQ4K0&cry=1&dbm_d=AKAmf-BGkHlkHkwgG7movmYg5BBFn7DqxNRlVJWgfyVZZ2tgf30sR5fKZOYq4rFpD2L4K93pPHv7AC1l7vXiGwZFtCyEos82HiMkgD2n5u9Xw-t_5qr_jC-whZzolm00vJYqpjuZ_vItKa-MkyysqGaAkvVGWKTUyGtbmPyHqgSfPVwXyzV87RShvDbsNShbt97XU4Yto-2yuEUV3Z2dAyFadbAGLngvrZLcQ2bwOdjAn3dLJ3BsL_YQoVX8yM-CGxhqH4I-7sWilvXVAX08_vhND5UGTHhk_5pzUZa4tjD34zxEF-_O3eJ9TSI_fbQ9937sB-RTjArliI8F8WQ5LD0fh6eh2q_qPu-AdEdqKVOiZwHwCGbBJQeq81_a1ZiCekZpLMlPUA-9Z4e61UOmYGteZPiCp2VF1Nm9DvnGrKF00Qjv4M6gxPcfV2DjibZglQkrKxZPDC3R0oUzb_AlG8kvwil6n1s-bewFRhcc-q85GVFwhFR1dQWG4fHO0CcoILnLSGyUGnWzuYkmM67FWQhGrjwfYHWKfaHzSRhnB_CrH8LZbRsQ8t5bw3AkdqkK-TOqmI22SPdhOtEA7mL2qJgcJSh2x2TgoLhRMeFWWS2LlCx92K3ID77wFgkpLgDVtgPwIOzHuvhhBbY387ON1I6T4zXbhlKORiWpIRzRO3KmyR0EZnaPbnBTFwiV969Ip0E6ZYqaPa2sjClhHTr2xse4mc6OMQkiOBWpenq1uCMRSUpmzLyAJcSvr0pNyuG4DV7JmXS3rJ-1-CZh_LzyAJcPmvRtVhp3wZ82paMZ_VsOXSG-Vdq_sd7NKL4cwr7ZjajQXgGFZar3u10iUKhZU2dbEfUp8Xz3VX3Aq5_DrvxzwUWylYB001Ru6T81Hb75TauZopSaJo9AByIN9lI-iMnZ6m-vHSdtZ2tafDsHtGZEWtMIyMkEyEZ4fUVDRSbeEUqX7gLzRXX5sUrlIyoYXGG1243VFL5CrZt4P4ESgswUOYGY8cy_Nek7uUkbjuU3OdDXMW7jIClDcrFfFJRItlvxz02ZkJXD4bkzHBI3oDyS8-2RLV0p9iIJWam4llXu5k90OlKK4jKsfqYFSQQ30cfmCOEEbFsfXw6EZyUC_Zorh3oDxeWps1cvXF2Cwwzwzk_bj--U_xq2TsBkBZA64RYot6MVvpMDpxeeC7eY30-a-oqLxeBdvmOTqqbiWmNFfWE-Y-3_t_9VY7NUSf1cwbLFAjkJEd0l0mntN02hNB0-9PoU0nOnhuba7mANGHjYpsJ3BfwD7bcNe4OfqfEbMSRou24Zn5s1g_Pv6GdLSkAuekkhFllJJbyZnRr9MRBvQMYJXpuHhAF7o5PlqaU_5aX6L-pocsIVv1pF9BTQYFjchWSSjDJ25BR-quviH_p4xyDG1oXz5at5eRKpl0IOn-U5wXcFpradvpX4SZpiJiqMsr6BP9rPJZcbdZ0w7E3St6hulqZIhkIoddsjiFahZOaj1k9NnxxuXDCIm8pLnRu29ybIN_1siPwOv_2IaGV3AV5qv9gxOvbK8zMgLoyXTp2lLoxDJSahbMAyc1oCb0XCTwDxl_f6Btph-Sl_J5ivAVo0xAGMxZdBVIAcIDR4J0V6HAfR-msYWLhg1NfcQvGvXz12ecZ3PRSTiMaD9gWj0G8Wc7lEm9UuIhw8Krrjk-FJ4_8SIjjgGb2e14fI4tyFSgn6C2W6beX-A4gLeYOQBKiV9jR0WpX7_fea2JeOHgJymqMPJSigx8MM9cI1qQuNKy8qA6SpxB9gHHlDtbl4yWXR74FXpbjJLajpscet0m058PTbo9xGFsfTv7mLDExU6ZUnZHsBdk5KK4Y7Er6FUY4lc_82KldL1BnCKakZ5LzVhojTIeGXUX0RyFdn1nKRMcJZJCjio1kxmRfwThXFODjbgTcxm1MiKPeCwsjwXbnzikK7YAwgKKbfKv0CVObCIfsMv1cbWOPqkjk0Vt-uLaNiJobXtyzxIbVxb2nT6eJuyiEFZz6Dd27RrKEcxfZD3iDi2Nl2Q5StJ4FYrtguokwmiEfcfH0AIMzDNt_Qv__PJ9fCrYGsD8dEnraeEE9ed50ZeJnClRpxCGClp_jJnpUPp4Hn-htwINinLOsAAQW56CP5znLZJeH0qte5JbzKyxcTwGEIkRHWTDhmf3N7L7ObyJ9NGVasw40ssefAGSwVGrmxPRjOdIoZpaCd_o8bYRdSKdb-dhGqtWufxhLRDNLIW2Wuf0hFmK86_IFISC5otVKJe9M896VotCnKLAtEHlbrix28Rd-5hHhPqPMiUpoRjyh61A9jR_qSf7iazYR7zw1G_qtGQo60pW918UO0iFZ1ofOEpy4cnMo7ieHZdGMDm4SE8UoOvowOFnK3hN8Gy-sKAJkQ19rUrbWIEKlm0Qg_RcBTxHPQ1Dx3ROUCq3i0z49-24ud7tp3bsogjmyAgyOeNQkrlDfvVOhLtsvvzZgQgYFNuHlqrYSoq0cIp9p01xvtjwGsqRM1FZN7k7N7V1kLF9Vj6ZKnC2bt_HuVufVQDYRR2Q5q8Rfqbj_amvvn7UTYyJm5TG4yMo-BrPQgnfGkXkx0lh_CjKwZrT8-KxQ3y-FcZcQxxckrZXYzUuPbWuwR_5Ppxj_Hfbz0uoc_-kcrn3u7zzI5FGo9sXtyamdbbikZA2885WFJsXNEn1dJwf8pzkyDGiU2KIQ_kIBHw8nP9YjZEG969hb1J6hFL2WlKTqUHcWY0mlBNfVsJNbs0PA7NF33WcoEVD1762I9EbFBrAXnKrk3JcP_jhKwl3xUt6wdKEIlMYl181kBo0cxjYytwogMIYzyeDlfAfz4mt4_LulwHbzORqN0BIVt6s5oVWIYAw5EgUNtUGA0ukwU91gLkQD5vGuL1tb0Jt5XoK0FqZkCgPZAZTXYZFb43J2MJl2ANuAi2pPOorodPY3v7FhYNmg2VIQOMIW0bjE4yOSosAUrswUYQzxXhxXhl1wOgzRYto0PlE3jZyn_-YcFN-MPgUcdQN3sJMLddGLOK1zQImMqhy_pGNZD87LFM_ucfZYdIHfukagbA7nVPuKW0k_s58P-bE6JH-bieeQQu9QkqB7ad4U_yqnylsqCNmJEaiO4PtFjZ36a8zvmUR3AbRMk0n6DAkC6ciCeNuVOe4SawryZyk1ddwHu0lLbDOsSyAZqcwids0OV3A3sKOpxoqODH8LYS0t1fKxjzM_JPwcKzZqdf1cr-Fn37s-b07Cp-gvUwoRVPypcT58vEVBJTE9BlAo5bRgVqDMPR0ZUjgvSjvxXB6N_zKyoaZPo4dSzIveTxs5qmd_wPXP2imdNaGf1xenkVsm_a4PquW56LLyBRbUW_QKt1qRvrT26YLF3IWAknWcWoZewWmLl5cBzaDIma_N9X2ZobXJS80drbwBdDPtrIA&pr=13%3AZO6ZkgAAAABpxX4T6Im-FykmNi1urcR-ZGQi7Q&cid=CAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ds=l&xdt=0&iif=1&cor=13092340190901110000&adk=217762561&idt=45&cac=0&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:24 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4728 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bgvl1ZjCZW7UiSrv9x2WN4LL4Ql2Fj19HPtFwfkGpG9ZZILH9OWeHcamDaBeHRo6JXH9reOBhFswsBCfUFffcUquwo8P3vF3pHbLvrmR7YqeoWdRNaUF5nkufsPdlj4NKIWA-WmfXKXrSyp8wjtSH5114ztzfp6T8LxHtmIIBPf4bQ4K0&cry=1&dbm_d=AKAmf-BGkHlkHkwgG7movmYg5BBFn7DqxNRlVJWgfyVZZ2tgf30sR5fKZOYq4rFpD2L4K93pPHv7AC1l7vXiGwZFtCyEos82HiMkgD2n5u9Xw-t_5qr_jC-whZzolm00vJYqpjuZ_vItKa-MkyysqGaAkvVGWKTUyGtbmPyHqgSfPVwXyzV87RShvDbsNShbt97XU4Yto-2yuEUV3Z2dAyFadbAGLngvrZLcQ2bwOdjAn3dLJ3BsL_YQoVX8yM-CGxhqH4I-7sWilvXVAX08_vhND5UGTHhk_5pzUZa4tjD34zxEF-_O3eJ9TSI_fbQ9937sB-RTjArliI8F8WQ5LD0fh6eh2q_qPu-AdEdqKVOiZwHwCGbBJQeq81_a1ZiCekZpLMlPUA-9Z4e61UOmYGteZPiCp2VF1Nm9DvnGrKF00Qjv4M6gxPcfV2DjibZglQkrKxZPDC3R0oUzb_AlG8kvwil6n1s-bewFRhcc-q85GVFwhFR1dQWG4fHO0CcoILnLSGyUGnWzuYkmM67FWQhGrjwfYHWKfaHzSRhnB_CrH8LZbRsQ8t5bw3AkdqkK-TOqmI22SPdhOtEA7mL2qJgcJSh2x2TgoLhRMeFWWS2LlCx92K3ID77wFgkpLgDVtgPwIOzHuvhhBbY387ON1I6T4zXbhlKORiWpIRzRO3KmyR0EZnaPbnBTFwiV969Ip0E6ZYqaPa2sjClhHTr2xse4mc6OMQkiOBWpenq1uCMRSUpmzLyAJcSvr0pNyuG4DV7JmXS3rJ-1-CZh_LzyAJcPmvRtVhp3wZ82paMZ_VsOXSG-Vdq_sd7NKL4cwr7ZjajQXgGFZar3u10iUKhZU2dbEfUp8Xz3VX3Aq5_DrvxzwUWylYB001Ru6T81Hb75TauZopSaJo9AByIN9lI-iMnZ6m-vHSdtZ2tafDsHtGZEWtMIyMkEyEZ4fUVDRSbeEUqX7gLzRXX5sUrlIyoYXGG1243VFL5CrZt4P4ESgswUOYGY8cy_Nek7uUkbjuU3OdDXMW7jIClDcrFfFJRItlvxz02ZkJXD4bkzHBI3oDyS8-2RLV0p9iIJWam4llXu5k90OlKK4jKsfqYFSQQ30cfmCOEEbFsfXw6EZyUC_Zorh3oDxeWps1cvXF2Cwwzwzk_bj--U_xq2TsBkBZA64RYot6MVvpMDpxeeC7eY30-a-oqLxeBdvmOTqqbiWmNFfWE-Y-3_t_9VY7NUSf1cwbLFAjkJEd0l0mntN02hNB0-9PoU0nOnhuba7mANGHjYpsJ3BfwD7bcNe4OfqfEbMSRou24Zn5s1g_Pv6GdLSkAuekkhFllJJbyZnRr9MRBvQMYJXpuHhAF7o5PlqaU_5aX6L-pocsIVv1pF9BTQYFjchWSSjDJ25BR-quviH_p4xyDG1oXz5at5eRKpl0IOn-U5wXcFpradvpX4SZpiJiqMsr6BP9rPJZcbdZ0w7E3St6hulqZIhkIoddsjiFahZOaj1k9NnxxuXDCIm8pLnRu29ybIN_1siPwOv_2IaGV3AV5qv9gxOvbK8zMgLoyXTp2lLoxDJSahbMAyc1oCb0XCTwDxl_f6Btph-Sl_J5ivAVo0xAGMxZdBVIAcIDR4J0V6HAfR-msYWLhg1NfcQvGvXz12ecZ3PRSTiMaD9gWj0G8Wc7lEm9UuIhw8Krrjk-FJ4_8SIjjgGb2e14fI4tyFSgn6C2W6beX-A4gLeYOQBKiV9jR0WpX7_fea2JeOHgJymqMPJSigx8MM9cI1qQuNKy8qA6SpxB9gHHlDtbl4yWXR74FXpbjJLajpscet0m058PTbo9xGFsfTv7mLDExU6ZUnZHsBdk5KK4Y7Er6FUY4lc_82KldL1BnCKakZ5LzVhojTIeGXUX0RyFdn1nKRMcJZJCjio1kxmRfwThXFODjbgTcxm1MiKPeCwsjwXbnzikK7YAwgKKbfKv0CVObCIfsMv1cbWOPqkjk0Vt-uLaNiJobXtyzxIbVxb2nT6eJuyiEFZz6Dd27RrKEcxfZD3iDi2Nl2Q5StJ4FYrtguokwmiEfcfH0AIMzDNt_Qv__PJ9fCrYGsD8dEnraeEE9ed50ZeJnClRpxCGClp_jJnpUPp4Hn-htwINinLOsAAQW56CP5znLZJeH0qte5JbzKyxcTwGEIkRHWTDhmf3N7L7ObyJ9NGVasw40ssefAGSwVGrmxPRjOdIoZpaCd_o8bYRdSKdb-dhGqtWufxhLRDNLIW2Wuf0hFmK86_IFISC5otVKJe9M896VotCnKLAtEHlbrix28Rd-5hHhPqPMiUpoRjyh61A9jR_qSf7iazYR7zw1G_qtGQo60pW918UO0iFZ1ofOEpy4cnMo7ieHZdGMDm4SE8UoOvowOFnK3hN8Gy-sKAJkQ19rUrbWIEKlm0Qg_RcBTxHPQ1Dx3ROUCq3i0z49-24ud7tp3bsogjmyAgyOeNQkrlDfvVOhLtsvvzZgQgYFNuHlqrYSoq0cIp9p01xvtjwGsqRM1FZN7k7N7V1kLF9Vj6ZKnC2bt_HuVufVQDYRR2Q5q8Rfqbj_amvvn7UTYyJm5TG4yMo-BrPQgnfGkXkx0lh_CjKwZrT8-KxQ3y-FcZcQxxckrZXYzUuPbWuwR_5Ppxj_Hfbz0uoc_-kcrn3u7zzI5FGo9sXtyamdbbikZA2885WFJsXNEn1dJwf8pzkyDGiU2KIQ_kIBHw8nP9YjZEG969hb1J6hFL2WlKTqUHcWY0mlBNfVsJNbs0PA7NF33WcoEVD1762I9EbFBrAXnKrk3JcP_jhKwl3xUt6wdKEIlMYl181kBo0cxjYytwogMIYzyeDlfAfz4mt4_LulwHbzORqN0BIVt6s5oVWIYAw5EgUNtUGA0ukwU91gLkQD5vGuL1tb0Jt5XoK0FqZkCgPZAZTXYZFb43J2MJl2ANuAi2pPOorodPY3v7FhYNmg2VIQOMIW0bjE4yOSosAUrswUYQzxXhxXhl1wOgzRYto0PlE3jZyn_-YcFN-MPgUcdQN3sJMLddGLOK1zQImMqhy_pGNZD87LFM_ucfZYdIHfukagbA7nVPuKW0k_s58P-bE6JH-bieeQQu9QkqB7ad4U_yqnylsqCNmJEaiO4PtFjZ36a8zvmUR3AbRMk0n6DAkC6ciCeNuVOe4SawryZyk1ddwHu0lLbDOsSyAZqcwids0OV3A3sKOpxoqODH8LYS0t1fKxjzM_JPwcKzZqdf1cr-Fn37s-b07Cp-gvUwoRVPypcT58vEVBJTE9BlAo5bRgVqDMPR0ZUjgvSjvxXB6N_zKyoaZPo4dSzIveTxs5qmd_wPXP2imdNaGf1xenkVsm_a4PquW56LLyBRbUW_QKt1qRvrT26YLF3IWAknWcWoZewWmLl5cBzaDIma_N9X2ZobXJS80drbwBdDPtrIA&pr=13%3AZO6ZkgAAAABpxX4T6Im-FykmNi1urcR-ZGQi7Q&cid=CAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ds=l&xdt=0&iif=1&cor=13092340190901110000&adk=217762561&idt=45&cac=0&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
337209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2E9D 		2 KB
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c92a8c2727eeac3fa276d4ef2c5ce04adf1995ad96a2bbb3fbc49afd107e99

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7fe9377e2b470208-ZRH
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 01:21:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww3qTu3qAUkN5RGWV1v8C%2FzecL%2F1fI7ttQzBc9GY6SHrWiT9zxk7ij8QQJZBOuUYCUgvrC4DRe1oEntAbIqE%2BFgJAcyDLubz27g1TbM2AKYLRK0Lk%2FjcGkacrfatTe235T9882YiGmfJOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
98
date
Wed, 30 Aug 2023 01:21:24 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
78380
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6936-MXP
pragma
no-cache
server
nginx
x-timer
S1693358484.206474,VS0,VE98
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6B04 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2065412e0b91ea085f9b2597266803254481eace292da79d7b12b0eb2cac06be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11596
x-xss-protection
0
dr
as.ad4m.at/ad/ Frame 4C87 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jgvw9p13k5gvcq8q76dgn2076mns0hpqngn735vm9h5znge5cdew47rw0feh6bseam2f8ygcjr6cewzhtv5geq8ft6gm3hcg53h6kqs67y2ema6x0mdsbjb953hcs1pectez2632b8t2dp87tq5nbkfmjvc98z1e9h0z026smktb5qws35dmnzzp5s74jtjthdpe30e49dsg587rx9enc3py6bwa8vzm2zav2fgk1bvwkszvhpa4yxw8svppp1f4n4t3htp4vg7hm13th7ajev213dahz5wq69ym9azjh707zzb6ahypja4ew0zmb00fhxdcmz8mnbdxrf36brv1e5kjr8ejpc54etj40a4t9rs5dvpwdbk056vkkg8w2bkx1qrmx8mwnn7vppwbd0tjcmtjd1jp2p4gaahzvxpg5tj7vsjap4kdqm086anxjha8s4wv48t03ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%26client%3Dca-pub-3216231935713038%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f5b3edabc05b8a6bddc3ff3901d7ed1f89c54f6b8bdc915013eaad6c1e1c9bc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7fe9377e7fef0dc5-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:24 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 32FB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
12920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 21:46:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9E9B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
50845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 30 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 32FB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame 32FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBKS0aE1SrHSD42yVc-n36ec69sqZ15FK5Qb8ozxilnp_pM641P1VxxLx8fg3AIIhIh07s3Hvzh3ZMp5Nw9jBbh3T4ag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 32FB 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:24 GMT
r62eglto.js
ad4m.at/ Frame 4728 		25 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
31855
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHL44nIoMc4qzg8llKZhMyDKOGA3kJe2uCfTygwuzmQRohqcyb5XpNqGsTF1QC6AaotsrOHoC9d4AFCqXDqV9SHUbw6f6oNbGV1tw2697ujE9xGYbKpbqLCQQ90uWL93t0iGEME%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7fe9377e6feb0dc5-MXP
alt-svc
h3=":443"; ma=86400
expires
Tue, 29 Aug 2023 16:30:19 GMT
frame.html
ad4m.at/ Frame 33B9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1455091
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7fe9377e7fee0dc5-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:21:24 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rbFsrrHAvkcZBUZ0buxY36hUlvatxlVtk3a8GdrWSDa6DTkKhe3uYcQHeSD7AegXpBhI%2BDt3pYd9jqxnLvD68PxhMgH2R49avTyEeB8%2FNlt%2B8piDh0rallujhkhtuhTbvdnwXg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E3E7 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqcqnnkLCO_yEA_dUPa6dhVoUiO8VpS-oZGX0Ir2tAIM5BTigHkFOWnNLBGNuwiU0pqBBtI8M9Xmy_JPuRzYmVju1_SIY2sFizycWxP76KEeDEAW0tQxPvL4rfSDMKExHBbBIEomrv7L2iymnKM2y_bSFjupYkUdOmxILgsSRRPjQwqso&cry=1&dbm_d=AKAmf-CP9RvZ-rShTHOrfp3vFK7lRc9wErSGy-Q-4kFkqGweAAB5WB-ojXRIP2U98MCqv36HT4mH7qN-jlVQn_L1iVn1Xew2fydX10LHIe-blCktiarMReACABXGW-9zTDoS7kDk9t-0K_OEasxwwfcWu-wlqLRDT6sci2lPshJER5_OeYIKEYRX9wZqMBTUwr6BMwWzKFXRKfFf_Nw3qFKWezSP1Ok7_vfMkXIJnWguoXIjycmxHl2sxiK2iaNEQgo5xwcGshTvSK2u94gdVSkJtldaVsNRODuWmhYtegw7g_pqaiSo05iRmCkyxZIhL_4WGxc0p48K79e8sZRCepz-epKnMtRm9Shrf7dbGrcSbJTYlgktFRMxPctieBCRapM7VRgr12F_TJG25QaFu194vDi0px4_d3bspXGEAZ5qAp_UK92eqCYyVf5N2qpHxb7JPIKi3HTK31rYsWC6cwAwIhjtwcLq-0EbeOV82QRzNmCRxCewefGmL6R8t8gEy_xK1SM3_XrnzNykq8_eOpB9BCHbdg7U9zCjIViXxmD3rppCnGJHwblU6W1GJKLzJbZk_zoJRkWF-wsIq1qEZVD2Gvpz3pt0poMnzMf310DKVd6K-K_znwcpMQgMo1UXAEZ7ADXQu84Wr2gSdLNNpc3KzLjx42DRxp01qEniP7ELmqOnTohRnvS-xwt3h-4iJpKgqem_v3Qc1_Is0FYPJa9IdZWtVzFoQa3O7qC1qSO61az_IJ0YvDelwBD682941XicI_MfdvuILbiVNultSqxVazPHD2gYCw1JvW_AKGSGAsuat5ZxR5jXzY6QNiRs0NiVcvBkG3JtzP6b8Mp5FOZOqa2vCdWxgBjmPenC0uVLF81MU0Zl1rLIvtyHZu_Uv8qR14w1HCbh-plP9XLgsgqBD-ErabRupbwkKPJqYU0biARHNtHumKVVrbaSthpZiRV11UCgmfNTBS-GJa4HizHwjyTjvujV3ZouOxkZpKKMYFEP8oK3pOy6f_lq1WUtvr6mJCNpenf0pm2ZdcgQpVi-MU1lQkQ7x_NBL8LZi85vuD8HGxVSbLXvE1XH9KHXeQegIQGy6kGWAE8p2jZDA0nAYT6PEcNKabg_JcpKfQllBgH_BKteCsrKWV8m8wiIpQX7o0cOSu2cgNtPpotDoj7M9eIr_GHp-VmQboTjrHV7cuc2rAMZlKr4cxQ1Gl5AR9tAEgqEeNWPpIw6-6kzPdd1seKPd_v3Cu7J1_rbN-E-9eBlmI0w4XH75X30ZjwWaoFgyC1641G-l66abNyMCSOnc2AguWVDRuXNlJaP8MbalcuG6LkqpxfboEvgAPn0qna3ezKo6u5cKDKHJSFrQsSytgiFZGJ_HMM6j7zXD1DcS-trTAoiX68DxreeZqkwhYz5KCVywTKLkk-2Ps5rqQOXtF2fHJJYii-xnGS82mp9HTyasvRRiYLgVYEu6qU3DemKeeonx7mMuchWNl3B4pNLh4bnGps1FEjEhjkmM07y-pdMosPIHARIIIMxxYil4Ttr4epJ4ZuWb00rND5-i4mR4uQhSQOM6Yf5Eb6MxoNkaDWn-MwMr3ErNb0KwguBRXV0hirEREpCud6k1ewM1KbuU2EWSABcGDU7Wwn5f7K7qUH0BbuieOtbhhEztP4He2UE7VUb4C-mVaHwzBuKM-mKZdBSmK4xzY4Ra4Z4xluWxfHBQKusMUJCyKF1ux-pdWdzHFf6WBUZYeHUZvfPLk6P3pDM5_mjBPFjsKu4BVUByPEf1LWseA7pkua5LR6G9C5P_MQ-aRrXCgPD2oFzDUqZ2nJQVjOc-2eHJ61dGYNWdKL1i35HI9wewpTzkJx6pnCXpBqSzuucEWrunrlJgLXbUftLoAW6iAx2whh7Ys1hVaNzoSWmkY4Fp9KlQZ-qDQpb3j0nzsOCNM3QKhv9Rx7WwJWTQXlpy66wmhsH9h-UHGDBxEK-bUdw9XYqxQOpqnbh_W5UfFzSXzfI2dgO3_jk4tZMROReMdHtRzxI8g0IY38g5AOoETr2F6115TBK7SqOFwoHpgLOxpf0LaupPby7C9JtJ1x4hVCwbmXk6HibE6gpsFEKJxQqJmMNTrWUZ6iHwcCvN2h4NjjYPHGh8lzTPkb0KW8_0iseVH_yJkSK4p9-nHKytSKlLX6wRZ_FNkTKIHuK1jZ0k2vWtJRZ4aa-FuC6J4CcWyZsQydqR_fjllctI-ettYYTi2s9E8yJVsHPSCkaeJvvwlirGYluX1yQTjBhezwIf5TQI8iQsLYQ35FTPXi_HIKBYb0ohmsv_Dhhlyi7V8n7ZBUFGO9Fw2xddpmvIkTgiG2nURXqsu5zyjyBo532TkEtVRfZ_xAXbSrOZQEIj1p3yTDHnnqtESBKCVCeuRXYou4d48CMWKZyacQ286Fig29vjCWOkshclVcJCd6b5p7netUL6G5ep41LmK_f4Hr1ZwsAsFg8wcBu-_DGeSGz_ba5vAeb-fkPcsbdisnzUzEJ_3bKKKvrbAUUbxFeufO1ESGfEiwA7VyXuSek0lCafPqRqJjevaoWOK9N8xOuZA7WcAIhMyS7fAXj1AT393hSJjklX03c_tZEDVnIhLeAFva6kzBqaIg21ckUiT7_AA87UIKULgs_vxKcJTbItj90lydUR9Tey5LShWpR0H6sodK1RxVYHQj5mzCHPdSophXvafVfiY_RvqKZce3lfmBnPCAnXE6jkB_Rfl4lVHPvpZ-0brXNcITfASpk4ymTd1NK5RDMnHhULBSVNhCPf6w0gcikTrlenskgR3_T7HLtkcPuBrD8SCBr1jYqnONqpNLZCXGIFjKev8GAxgoxmPacOFKiyNdnBuUIlUcYI1g9-dFWmgCE4buDiQTKo_qerM8KIfCrd5voiDgtxmcM88dhDvgk1wPG2UIyha1yt1FMw6JXiOsBao40oSCWp6E_Wv6uT7laSasRbC7Z418O4WRgGZBHruxR6s-twVkGx6gLmCMe8QSYGefY0O2w1XpN6se5dT01ZyS2XbpPEEgSXqvOjYpZz75sNHG8SVYZ4obuvIGTuxrwdnth11e9FUwZQ4CUrXPyIT3Pc4De1GLgszde6Qf3XnsNKNC8vT8bjOwDzzmbkTpakHyVnN1RumFtnMdntaQidwKVd_Zpcapmol6sQR5wYi3HuP-n7igv7gpUr6mQMt0oQSb79I39zBTk5N8QxLIJpwQ6DeBPYuGPDVR_S5uTHqMeV6s6-bYqQdGRtrpcV4tbDKHBRCQ1j20vJ9nQOsO_Z52AdcQDNwsgOFUivl8AoX4BgjlZs2A0VVHZ9FjpYzxx85XreT2Zi--Dk8SxgFeWI0a2dgcnc3W3VjIBzIue1WBM3zk9k3pepWyB241IQiBPcZSfh1QkRZH91jW5Pzs2UDuArkTTK8KtSkg2Qipjd-jnxa5fg_Kotmf239_-NKVwNhS_ZDNzQb1cD_qb62G1DwIxAk1gMvEz5jhoQ512ox7_O8V4HTx4Az6-WoFQrDmr760N2h_xpRTO2dX5gjC7b4p3lz-b9FyYWCYfD2BAIr4NHYSpSuM27xHDtvnPCsRuPkzmvrc7fNF0oIB3JFizQ45TUf8yAlAqQ0Dwoty7h5w98PD10ZatDTcqa7R7BkMtQ1xSP50BWpsl5Gx1Eqzx7HFauBh2Ns53domEN6qZ3kFB_HVqJMLdPf3BZnAgahH4nUCvA5xxOZp2yrlyyzoDMEoDzm5p3ygNTvdXuPVTe3cl_71FIVEmSXkObshfOM-QGz1c4eF5rsSR5gBajurUw6H-xwsHUQk9A-D2DANk-G22-N7Psug6tiSDrvUnBKcfHOoWbgJeb2jCaqN4Ux-fEva8thD6ovlWa-2tC0m2E4Pi5LVDiFWdsxnIv4v5I3lhQAMBasM_QyWkmGLDzTy3dOQASuM9-OvQeBROR_HuDxFYCQMcaxXSsANQCbJR6ro1VE1kupXxvAP4aOZd&cid=CAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13042882315101980000&adk=1033480531&idt=41&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
337209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A4E0 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cb7f4b280dba64eca19673b363dc1aaeb8deb027ac883653a4bc75974dd98dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11781
x-xss-protection
0
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
via
1.1 46c9f6285b432bb7ca825d1b5670a6b0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP64-C1
age
1952008
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-mxp6936-MXP
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1693358484.326530,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
GYJJg7cHa9StY_p8FziuGzT8rJ8lRYh0JE2SiZPd1FnWWMlxlyRlkA==
x-cache-hits
123247
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/ 		447 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5de76ff60eda0bfa1c2f0e340e7adfec5b207928469ad3ad7061f45cac0a691b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693040855
date
Wed, 30 Aug 2023 01:21:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
5K9BYSYP22DQWPR2
age
317552
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693040868
x-amz-meta-mode
33188
content-length
85926
x-amz-id-2
dI+ZfnxT6mZUg0vlwZO42usodvT7aQfb3qwQXEpiOQddDjJ1I0iyzGqj4lHDQvIXgXib3M3lKoM=
x-served-by
cache-mxp6936-MXP
last-modified
Sat, 26 Aug 2023 09:07:49 GMT
server
AmazonS3-br
x-timer
S1693358484.341126,VS0,VE0
etag
"f98915fe7e33338ebfb2b4bd709ec9cc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
188078
sync
am-match.taboola.com/ Frame 7144 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4b673474d7fe2ad7a98b5617fb084c233ca9940c11333a138cf1eec90d71a0e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 30 Aug 2023 01:21:24 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&cmcv=&pix=31579697&cb=1693358484339&uv=3322&tms=1693358484339&su=3&abt=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-length
0
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6B04 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 01:21:24 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4467 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DyapTsQdAobKGRw0tUhLDNm_9oUJPaMWjABqCMkv1XGB_gQHvwi_haksDfOTRmh9YQM0qG4DQ9eC6N46J9zNa3639K9K2c1MJunjfBoxXBOD_g8wa5LEEgz_ArQYy_ssDDBS6T32DNHmbJ73q0mzNrB0kK_Kq-BabTo_r8MxuxqIcHbiw&cry=1&dbm_d=AKAmf-BtEXENcSOp2Qa-uBOekbE_mWICPjuUMgBy_piwmIeet6FtR6u7ur02nGVdeGeNRH5fn-bte-luwjoTRHLiCvdSLmY6WLYxghkQ2T5f1p0rLJiUxIG4PYk-e79oiorEYLMQSoV68Eo8Zsu5wbOVQsjGVKUwJ05CBFpb4PrzKsL437EKkbDEMEKAd3W1gX1ogo3Ti4dF3KMqjWrmxI9PTfDwS5_Y9k2TAtWBlKoeow3t8_Uw53d_p9oqaGbZY7AQUNfhccJyGNbCKcoEPRCOdAh1NTjaXtXunXyaHh4fqxpT1pEdAzuGWkcy5KtEU0CriuQJmvwe9V8qBxebX1lXOvZmsNmZpTBeLR025nD5AQMG-anzLbWHt46Al8NcXokecbag9afYFkodrmNfISQYaYM7JayJ24PRMmsdxALGC00uojIoC0_-Cs0QiH8hFZO9XyUY0IapwKvnAw3pIwiG0tcbM85DDE4rJhkAaGmGCD0AHx1hIWk4nBwrbLsL2MJhaoGFE1p_9jI10LQtKgkv6Uj0EKvKgq-tzV4s4oqH5vD90hYO2qP5SQtSSfUQihYfT9QenDHgaRKq7nxlBTpv7FZV50mCfI3mehCHsgZRUOW-0MYEMola_i1o6L3N97jiSrpPlwJ91rtzzFKlfOFcLE_1BF3zZGAJ5rc8t2hTcrD006HdydTQTcvWDuQmjVSUmVUplO0f1zU4IFjwdjN1J8783rCoYsWXK49hC7nLko36TorB2cC27i6Nr4BQPhO_jELwsFzhzJngISB9u_bEWNzQCxIS61fNyMGvMNfENZFuAHDgORGZTEi08y1jN_s0j6P2D_jVciamhnsf0Vz3fIlH1_KXdLSvTaJDtXrkdh_SEqAhw9KOSP-bX5-MMkJNLCDfwa3Vzpt_TxcuDoHJtjN-FfQTk6JP-zl1Cbae9AJ2mKb0wMzkREYCW5A4g5thH2ILME18PfdJb5BjtZHogS0-ln-JrVzleEvjwgN6YfmQrJ0CmTBCenSMvkxvtOoTBVX5QDTlWRtl_E_ygyPXw3Z2GjxYYOtZCwZNikvVo65pGdIaBJCBA8OWJbk4RBUHgB7iOUZ6CtWByF3HvwcmB7yVVUPt9irnk-fjVRfQj3GwmzKci2XhLzXJjPAfXCWqmrgyMLs44HTW23PNIE_6N0v9Fu3A3mNx27LoZV1RfbI-Vj8sRB7LR_C7_u2ZPnMDPqVlPUgl4-LRGrui8xkXfr3iGs5wwcqzLDYf5BChSzaAskf1tTiBPdq2V84LqAYxlK_SVc96axVc94SZJ8CF2XWSnY-Gk9OTXy1leMGjpyplaGS7881z_HUjPtMO8nE3VaeLC7NN1WTqixVPLjX2iKqxUqu-Jz2j2ASm5eMGRPHdPb8pstjgsrGaL7UkGH8D0wy5KrdF4fxNEepmAW7sXUt_aeh5UieZc5Ia2yxjy0ZdthTAn0e0Zy7dqrfrE8Rv-MvOPSEbjJ3kAqOXBEOg7xMQxNRbISJcYLYUHAAH0kIxrFjISF5TV6mh9BQfMy10s4BVjV1og06qC808eoP0QeIFu8RRN1gJ6-MFzDDoQhYC2kz1wybKsn_3xBVIr232GZMdoiu9NbIXb7RhyRv9z8_HXtsmgEnl3gIMJRB59GV_mqUYYi7UBPRm8O8OVjh9D2zv2_IPeucxjLSGJNYJR1J-Mk6D7BBrs_5e_9oywHSEIp3DHktjg7wnaeyfJYzcImVg4MqYn2rN6cvxYi8ls93rAXDiCR-LylTjdFITjjGLpFsRiWT7VHDlvU9R85zU4zCOWXMUg09H7V4h7pHjD59enDbW4WVOgNTDaJtoUUA28gILKdI1RdU9uHCkFHEGWA268rMeSK5_oKyVAr3k2qNMgTxzLxHRSYozJNIh7CCUgw1Y6zqzdUC7zildm4PUR5mA9yuflFmY4iiHMB3xwBgLhgUsmrIyGMY5Lyx9uIV7LFFK5Ztjh0yIOztk9_a5V2__jj_JtGYn3KTgJBsRx3mmY-7zZnzOSO_Omw8Ij75mqcRnnDS_1yrrWOIytBo-BBANyK27Xt5VzATMOr7vXWkhyElDpAhu7edAVFNUo0j-iRTKMMeatSn2zyqUnKZJmy6xo12ItABOJYVScC6qIRz6xVLur_fsBjyJ7eQSn30BqDZYbRe4D12h_8599e-cvrLiiu6l96sJwU-4VweZn6sul3Z_BRoaH2PaxU4xJ8AAWn5zesnTji4hPBRlpDwh3MeDdm39P9vOTBPX23U3mPN63cMMv5OGBzrJr7Fuh2tN0c_wMPfBsA0D6PeME1w3j9Q94XY4dfXDkBoq4E0hdF2xHNDQXbdq-k0nl0676bCioV1fhLfKRZsvsy-n0RCQSVemMzDVW0ANSziaxlhUKk8eDf1EvCaTBp6qAs67UR5a48KhGrJAbLR1ja-CLa2spCoyNKGbMAywadpuyOv_L8ThPdtNi6w2FvNnVME_okHd-OYyp37Ke7-PXGXGR8geFUmC8vJunOAAusZ9WW50sOEVe5alj8s-3Ot_6FjvyMb9VcSkTrSW-z9bt7GU_PpReHQc-i6OP_Ldm0zIwvNW0EOcy976hDtJp0vMWmI2qTmE96dLSlVFPMQdEtWqjOX0HfTq9wmU27q7FKLa1wpYXRv2UfX9UgaRMbxwInrSHa6WLegn7NuNoPzZuhghgxFTdSj3hLF8S-HCyP0lq00X4GT7I3-21CQn2I4Gxsc5wV2lDKlMToJCejH-m2FC__5CtTetAaX5jll2Z_zq76ClOewW_Y3ZwFdVRP1JRRIDJYphYYeYgNCB6C30KIUC_wJrZOxockaHeZWkNy0YaBRa5nN97RptAAytA7m33GG_959kMC35MrwtEmUZmGnWN0mMyqgEU5DTYBWUlDjtz9oKxiv6xHRROicRS1aHrfrNJprxo6W14umkKwHr8sboh2mtyUwOQx3cVUx85sh-TZylzxOmH8dI9yl8bTUZBvtfy5Svv_T1qDKJeH5zqBWUR32zOiEAa5HMGlanAUrTSki8LsuIe4xrwceGMcl1JLeVUoHUyZuJPEqeHIaLmi63VMF1NXp8E_-5IKIhY1LLtkxlBHgacyrdbKmup718o38fSM0aKg1YWqsktBE2KunQ_7Indj2vuI-So-KSdMBgeiVxRG59u8BXHyWQBklEcj11PWe51bSSngOa0NjyZPuoUvVSwPI9qgrYYu9pEM0YdxuQ5-GBJAjYmhC-lWd-hmlOAFdup_2oGZRXD_tUKX_7W8ZHnJgNZgREtDJO6F1NoqLmBVgWKFKuiXbnKlputiDcfv94B1JZaBXotJUnqKqn0U2DMbr_9ET_OkeI67ZMf-3AG7trEY5qhQvxWdTkv7-KcGsBs6qwr3K0aOPyItaVi3sIjWWI6QiGYNv5_uV2OvGl7hGGpkhOki2KKyQmf_Qxc_7mr4vjyLdNAlBEeGhjI7yTXuFXOB8EVj6Qvr_ylxXcG819CFxi32eWop2Xx2yJKsEZvFQGhBl5rgIXg2Gor6PTWl15G3TJjO6kaFyikLYaBlPor9kuQZSV9uC5SCC1K4R2cF_Yaik704rts4Ktk3jedbBPvOj5lbSX0fFzEPQosi-M-v4AOElQhnKFxtNZuHNhj6b9yENSHaGL4evjNLrz7FDbknIVtkJbZwPRxebfeitsFEc6aEJ0Pc8aFCJCFtiYZnDTBQYVJ4bKi35pVc9gebSRm-bwxb38wWFKXj_vLVC7tU_3U1d0RuhRXRyWVExvbCsWJkwYkPW1CC25eSju14r1udpd9DYyELW0E4u9ELwadXvoVpOxQl97I2SMn0VpGRhHyluZ2V-3xhjSo7bNFEQe3YRxC4Il63xKrHg-1nFkx1Xy_kxfBoWNhFl8TD8W54T8rv8VDrIrDsRkDwX-ZizeDFt9psxI46zyurbIT7r2JmzBrWunlLzED2B4YRNOPAwsd9-LosPDgOCcGj839GdG4yKR&cid=CAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=2993847580144249000&adk=4188270525&idt=55&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
337209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
dcm
s.amazon-adsystem.com/ Frame 2E9D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VJWHX04WEXYHMB21V99P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2E9D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 2E9D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIqUHn9d3u6rwQ-bM5cXCe8&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIqUHn9d3u6rwQ-bM5cXCe8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8AM8ofC82IMGXfWz7ZkpR6OPmU5MQKfI4eVFvctvWGos0QyipiYnQ9DrCz%2FYTBVyCR2mKkZzgfMHYVa%2BuTtyFg81aDSUfUmQM7vHxjq3pG5m6gUYwX6n%2Brb4T40PKP2l%2F179sCksPAJ8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe937804c3501db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIqUHn9d3u6rwQ-bM5cXCe8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2E9D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4853856628407888645
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4853856628407888645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FIHG%2BVh4dZwoxKvqvLmtWYVTT9WkPeZOHrO4KHEgDyohtJk6bLL01tzIZwdqFweHZU8OPY7MvrTd8idbS%2FzUJdjkjxVym8YZzSmFYxBI3b5tnU76%2FLceDqxZjfr6jr74nHe2yHvGzx0sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe937804c3801db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
an-x-request-uuid
a63d5ffa-1e22-48da-9442-b02f6ec18cf3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4853856628407888645
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
r.casalemedia.com/ Frame 2E9D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Wed, 30 Aug 2023 01:21:25 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tp_out
d.adroll.com/cm/index/ Frame 2E9D 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:68a7:929a:9ab1:3195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 2E9D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZO6ZlAAMXlM9EQA_
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZO6ZlAAMXlM9EQA_&_test=ZO6ZlAAMXlM9EQA_
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZO6ZlAAMXlM9EQA_&_test=ZO6ZlAAMXlM9EQA_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hi6qYNuKljJRmBtwfLMTdxk7Ua1FGKHipNSzvBH%2Ffhho0HIXu4rpGZY90SLT58UcSedwzSreMubdYxtzWyyW9Rx%2BE%2BPnGiL2LGqYFFkGEab0DOCz6DqzwXVbkbSAal2VDC%2B0u20Xrpceyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe937829d3801db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-mxp6967-MXP
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693358485.746538,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZO6ZlAAMXlM9EQA_&_test=ZO6ZlAAMXlM9EQA_
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2E9D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
H2
Server
2a05:d018:d29:3602:2dd:853d:91ea:688e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB
date
Wed, 30 Aug 2023 01:21:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2E9D 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZO6Zk-k6rGJK08KKXgKetwAA%265275=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
51
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7fe937800e5801fc-ZRH
content-length
43
expires
Wed, 30 Aug 2023 05:21:24 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 30 Aug 2023 01:21:24 GMT
via
1.1 varnish
x-amz-request-id
DM4PFN0WZV5ZS5NS
age
6898
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QYSQ4/qAqV4Hb4K6M+GoojBK1e8pnhtotO1/yTxdJpopul6YDUPXKzR3ArITbOLUVAA12TmhKuQ=
x-served-by
cache-mxp6936-MXP
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1693358484.365592,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
65
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
224
ar0wka2ffzvy
hal9000.redintelligence.net/zone/ Frame E3E7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ar0wka2ffzvy?subid=&gdpr=&gdpr_consent=&rnd=1693358483028861&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGUHbk5nuZL3hAYTB-gaoroa4BKblvaBp_ZCcp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOUBT9BDINRxbYeFiExI7SxDifdWZy-PPgZvgGyQh0xBBZ5BhksdJvG4d_WSzRQh8cGNWw3CGLlblrwQbzZPBOMBj2RZsHX9nzGXHFW5M0ubPvjJRw4xB_hpRMSAfFPeIfgThczbPP9-ZEN4Q4qlTZmALRRUzAJfnIUq9mSJ1yZMCVQNpj_dzHYWZUqeiGLTyaYFgxYdyF1qjPhiQqhlRVxzl3MdtV71VzFeXHq-DAHP_1W9pojE36ZLj7YmLcExOJRg2F0B6aULZ2dvw7foG2JbupK8xhJY5CbhEno8JCYjgK3GN5nCKcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI_fbu9puDgQMVhKDeCh0olwFHEAEYASAAEgKbSvD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_3qBjmdcJrcv07nHHU2D3ocFSg0Bg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CAlBPxsCJ7Kdq3tU_AEhHpd49lhcfITQkQy4poSwwlBP1CRxnCowCUUI1fs9J14-FgUAUbHNZr8mjWhMkX2Z5PZxWZrrgZxG7WHt5rsI8rugTqDd0qDFxviFW1b8nOSsp7nrPlweA8Qj5qE347FKq_zT575dVweRDZEGGaoMaT8Iz2JoA%26cry%3D1%26dbm_d%3DAKAmf-DCzz0H0pjgmy7ngHZCsoSWHI2fDb3H_UqQ4mt0WdAqz9ziQI0gzrjeQCGxKY2akV_EeYxXwW47kEWP7vYXo1Yvg42Im0QXTAKUjnPU1H0gIPNRVmAyERNlRm6eXharkMkA-tUBjXHoozz7zY1CiQb8Krtud1eB9E4VlGpOO-scLDkw7UyKzWLKbULtyu24QjJFacrNOfD65_JdHiHoNAXSM1fY23mACZEP4_LTD2OQTo5FUR8PiQDfytBxgaeIRso7i9HiBqeVvf8LhCz7TRCIapasfjW7-xWRg6nXEkWh1-X-ZnfK3nahxm7gAfO-EPRrC1xJYuIcmb08isfswieArXcd0ZDLLSKI595UPeX6u0THW6rSY5SIvJgIFCaqi4cnt1No0e42o_76z_Tkth1-2wBhp6tJ3bV_-GEvJwLHb-F8XHQhn2vewHtO2si1OesJp6BJIdhocI7lgTh0AjEl2OCaUFeevS9_xiobX9gh83OpP84TgllV9P_La1EO_4szw2nMRlx-zUaCqgqFLmysJSdtk9lgrdl7Khug1LGt94rL9VBr4uBr-1a4yKqQXqCkahVPfDR6IUVk1aSdnNkqm2GnJYy7A5Kd1ppZ1R7pAKOxCeL6-8Zsbtlm89GLKEFwjnnR3Q43Orpep8ZjLwgSphKjeQBvqfYrTzMK_qRwGjCKoyY%26adurl%3D
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
1a2db5812f1e88abda4a5c9b7d626aac4987ab46525d25057200c160ae1450d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4320
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame 4599 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 19:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
192364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14795
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 19:55:20 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 4C87 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jgvw9p13k5gvcq8q76dgn2076mns0hpqngn735vm9h5znge5cdew47rw0feh6bseam2f8ygcjr6cewzhtv5geq8ft6gm3hcg53h6kqs67y2ema6x0mdsbjb953hcs1pectez2632b8t2dp87tq5nbkfmjvc98z1e9h0z026smktb5qws35dmnzzp5s74jtjthdpe30e49dsg587rx9enc3py6bwa8vzm2zav2fgk1bvwkszvhpa4yxw8svppp1f4n4t3htp4vg7hm13th7ajev213dahz5wq69ym9azjh707zzb6ahypja4ew0zmb00fhxdcmz8mnbdxrf36brv1e5kjr8ejpc54etj40a4t9rs5dvpwdbk056vkkg8w2bkx1qrmx8mwnn7vppwbd0tjcmtjd1jp2p4gaahzvxpg5tj7vsjap4kdqm086anxjha8s4wv48t03ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jgvw9p13k5gvcq8q76dgn2076mns0hpqngn735vm9h5znge5cdew47rw0feh6bseam2f8ygcjr6cewzhtv5geq8ft6gm3hcg53h6kqs67y2ema6x0mdsbjb953hcs1pectez2632b8t2dp87tq5nbkfmjvc98z1e9h0z026smktb5qws35dmnzzp5s74jtjthdpe30e49dsg587rx9enc3py6bwa8vzm2zav2fgk1bvwkszvhpa4yxw8svppp1f4n4t3htp4vg7hm13th7ajev213dahz5wq69ym9azjh707zzb6ahypja4ew0zmb00fhxdcmz8mnbdxrf36brv1e5kjr8ejpc54etj40a4t9rs5dvpwdbk056vkkg8w2bkx1qrmx8mwnn7vppwbd0tjcmtjd1jp2p4gaahzvxpg5tj7vsjap4kdqm086anxjha8s4wv48t03ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%26client%3Dca-pub-3216231935713038%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
569294
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOLY7wmk%2BmgqDbARKxRgfeAXC0YxfPALof9vovQljHOKuNHlLNUJKvq5SC8Sp1Bj0Xu%2B5WSSaLeyRLFnhIBO55hkR5mtgxmu5XJ7k3E3X7Qh157vgiqG48TM%2FK6evqiwzHw9i5624v8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7fe9377f7a1259ef-MXP
expires
Wed, 30 Aug 2023 02:21:24 GMT
r62eglto.js
ad4m.at/ Frame 4C87 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jgvw9p13k5gvcq8q76dgn2076mns0hpqngn735vm9h5znge5cdew47rw0feh6bseam2f8ygcjr6cewzhtv5geq8ft6gm3hcg53h6kqs67y2ema6x0mdsbjb953hcs1pectez2632b8t2dp87tq5nbkfmjvc98z1e9h0z026smktb5qws35dmnzzp5s74jtjthdpe30e49dsg587rx9enc3py6bwa8vzm2zav2fgk1bvwkszvhpa4yxw8svppp1f4n4t3htp4vg7hm13th7ajev213dahz5wq69ym9azjh707zzb6ahypja4ew0zmb00fhxdcmz8mnbdxrf36brv1e5kjr8ejpc54etj40a4t9rs5dvpwdbk056vkkg8w2bkx1qrmx8mwnn7vppwbd0tjcmtjd1jp2p4gaahzvxpg5tj7vsjap4kdqm086anxjha8s4wv48t03ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
31855
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8WQ3WPGSBXTHlMBs6TRDag2EGpUHind7tr1i%2B2y0KMd82erFSjIEfEg6IznZFpsdKYwP6ts2CnI0F9CimeMuPGwLBZ8iQJVRsR4p81XqyjEM1T2ktpS%2FbDCsfr4Oy%2FiCUcWRxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7fe9377f8a1459ef-MXP
alt-svc
h3=":443"; ma=86400
expires
Tue, 29 Aug 2023 16:30:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A4E0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 01:21:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80CB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AclrIgsjCWTTCkn4xj8ONuVSVnaL4z2gfyaeYohnqgwsEeefyKqRLE3SSz2dduvEaF0aYKjYZ3oFEn3T1OhfV1osDekKSHaJlkxZGmNggHz-6Ag2Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80CB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4840510643516788278&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 80CB 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 80CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
12920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 21:46:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 80CB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame 80CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkgX9j1837rK0vMQ-OXuzbCRLLYgjKhNKfRiUKwgkntZWPOOq_5zwfxod3q1Geh6Hybn--erckbhwwozDyseWnSvJjpw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 80CB 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:24 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Wed, 30 Aug 2023 01:21:24 GMT
via
1.1 1a3a682cf8d843fe52f3224f60584fac.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MXP64-C1
age
1208788
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-mxp6936-MXP
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1693358484.450109,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Fr7HowXM-yDrL3QOCMXEgtHD4_DD4oO_zXSggn0QqPq3ih2Kuw7ceg==
x-cache-hits
480339
5zyrr3xpcfb3
hal9000.redintelligence.net/zone/ Frame 4467 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5zyrr3xpcfb3?subid=&gdpr=&gdpr_consent=&rnd=1693358483028862&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJfXXk5nuZL7hAYTB-gaoroa4BKblvaBpnZecp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOcBT9BvsAi9NPZxbVONyB6xysaUwYUUUyDf-kUrgKuKx0Fg-ErAQ5DI2RUwQdqVcWZU7bfs6Vfgw2T51cNm6JN9Sd0AhHUENBkcVukP-AW8vxNUwucOe1KJG5GaHsR0S7ve05Qx2BjK67pt1pkHbOvL02qT14gAdK9U__Jh1D2ugns-eRLruZYzGICTj3W4xj2UtoL_zntmP_yorZblY06MEm0Jz--cwYB5M4yXK66qpYmCYODoDvZfBco3T7guAHI_8qaMp43RlRBvyTLy_US-AuaRkj6f3ZY5pWlhVONxl-UhRwDGBjKmwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI_vbu9puDgQMVhKDeCh0olwFHEAEYASAAEgJ2j_D_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_0V_R20uuJeOGv-xV-k2uQ9Mb-jmA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AQsxYW9n1C1UzW5RfjLGadzuWgRsJonvYnsK9nmF35BuoVR-h3__YKtUWUhYfkIbnf7b1G-qeAjsGQ_2jzq0veGU0vIo7EuYkZHYaJhpw_ikJvPwh7sh4CK7AEnEvfOOZ4PPdaHhRTTg_PTYjIMnyZx25Ul1IYpJlCk4AUDXX9hrpYqe4%26cry%3D1%26dbm_d%3DAKAmf-CA4EP-jyzwqR5ySLVOKDDGvYnjLPkKJuTzXBJSOgZ-kIcF3_0gosDG2gp_EL0yubBdAKXOtjXqOkWcFgV4MmCkVfjjj2wgWtu1RGyG3DSkmT8pCyOXviCDTu0DnYpDVu1FA4nZMs834CTzH9OjrkhY5upo8oL96rPk5l2bjSC_5D8UT4B11IrYwYi6KWB8xSWShPFo8pdZBAQb6iDXHquaT9xCq7GcgD9nnfCXnU9bsnUEOy2jnFtO7lHhhVEizFnbWGLGQDdlUFlNOeyqb8ej1sZU1Aps-LOUMJp855g78DzbYpDmjsFxAVdo0Ul0Qwg7AcIbLKoBbGXsJ1ALYdHtL5K5KffNBXM6uidjaazNO0bSIjc2Mqs5muP20rUf85rUZGXKzc-LtLTDc733KSe3SAxOB28xjUFhPDZfzg8tW9_h1zayZt5hFLDiWgArzD8XRQ3W0sGZQf11L2v1WzYsnayM_xi3gLFdXfbMHgUrgu7lEhqP8C5MiUk_VNjGDMqUzd_rK5mnwIT04NlzaiQ1QB9XMpWHxDtXzpQBuOyGM_TxKJbmjmlYiRtIItjWYHB0dt9ObJM0K7Uoupyhe_8D5GGjUmKzfgoWfgVhP09vrSTIeZnh1etvSXizxxf8nRgn7QPCBjwWBAi5QpZLz-taGRDB62ot7KqUU6xNluy5DYL7r7o%26adurl%3D
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
21a77a399af3c81d3dbff214b8ddb131ebd90baec28b02d3781116ae7afbd682

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4320
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame 7144 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 7144
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wxglWCpE2oSseuAnDCKquyJoEaO8sAlTbiLRqw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wxglWCpE2oSseuAnDCKquyJoEaO8sAlTbiLRqw--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24662

Redirect headers

date
Wed, 30 Aug 2023 01:21:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wxglWCpE2oSseuAnDCKquyJoEaO8sAlTbiLRqw--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame 7144 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
css
fonts.googleapis.com/ Frame FAB0 		8 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 01:21:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 01:21:24 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame FAB0 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame FAB0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame FAB0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
12920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 21:46:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame FAB0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAB0 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 01:21:24 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame FAB0 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 00:31:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 01:09:15 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DAB7 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNV9DUJLuncVot0SbAf7sQzx5yepuViSGTfIIbCEcYOiqk8kxrJ74LvnQbFBQxjyT_xxize6ZMqq8auTQwGDnl3H-y_HHnqR4QSG7BeqerDubd9bzLry8u55LQcyGlyZRLYm9QPFCjtyCY6XLa_DyOiVYWuz55FH3O_fcZYvLWz6ikHcmIc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38s0&_p=1500233466&cid=1870201937.1693358483&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693358484&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dt=%E7%82%B8%E9%9B%9E%E5%A5%BD%E9%A6%99%EF%BC%81%E5%B0%8F%E5%A7%90%E5%A7%90%E8%82%A9%E8%86%80%E3%80%8C%E5%87%BA%E7%8F%BE%E5%A4%A7%E7%89%9B%E9%A0%AD%E3%80%8D%E3%80%80%E6%8B%89%E6%89%AF%E6%89%8B%E8%87%82%EF%BC%9A%E7%B5%A6%E6%88%91%E5%90%83%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 9E9B 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHX2_xqekHTxAmOFQ2n0nIk&google_cver=1&google_push=AXcoOmQt1tuA11i__Aec3sXU31f4YeUa77Oi48hiSlMb8jffnJSoT8X9DHaxJu8m-a302APXvu5iW11_kMz4oYWFNbLD4_f95I-LP0at
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9E9B
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHHko2Pks1slcoEK1lBfyZo&google_cver=1&google_push=AXcoOmRrX5ilZsQBO_XreZrd3HpJNcsql-7FLNhgnyzUpaeSBhLIO4V...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3114f4566c6e241c&is_secure=true&networkId=14000&version=1&google_gid=CAESEHHko2Pks1slcoEK1lBfyZo&google_cver=1&google_push=AXcoOmRrX5il...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIOsjnu-fakQMxUy0OAAAAAAA&expiration=1693444884&google_cver=1&is_secure=true&google_gid=CAESEHHko2Pks1slcoEK1lBfy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIOsjnu-fakQMxUy0OAAAAAAA&expiration=1693444884&google_cver=1&is_secure=true&google_gid=CAESEHHko2Pks1slcoEK1lBfyZo&google_push=AXcoOmRrX5ilZsQBO_XreZrd3HpJNcsql-7FLNhgnyzUpaeSBhLIO4VUujh_pJd4mZAchI5cbr7CQK-G0HVh9pEiR7Hw5JxVgRpUQNKI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIOsjnu-fakQMxUy0OAAAAAAA&expiration=1693444884&google_cver=1&is_secure=true&google_gid=CAESEHHko2Pks1slcoEK1lBfyZo&google_push=AXcoOmRrX5ilZsQBO_XreZrd3HpJNcsql-7FLNhgnyzUpaeSBhLIO4VUujh_pJd4mZAchI5cbr7CQK-G0HVh9pEiR7Hw5JxVgRpUQNKI
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 9E9B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAcx9-UF25lWZ5fZ48wsxN0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAcx9-UF25lWZ5fZ48wsxN0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SG9yWVluc3QxUUI5VEM1&google_gid=CAESEAcx9-UF25lWZ5fZ48wsxN0&google_cver=1&google_push=AXcoOmRPxJZf72l9mpAJBNa--Pkg3Z4FPKVJsQApkH5t2xo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SG9yWVluc3QxUUI5VEM1&google_gid=CAESEAcx9-UF25lWZ5fZ48wsxN0&google_cver=1&google_push=AXcoOmRPxJZf72l9mpAJBNa--Pkg3Z4FPKVJsQApkH5t2xowCBF7jWGprJ_pUBfSk0i3D82NVt3wwTbb47L10fybuMDUPUmt2PL4cq7M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SG9yWVluc3QxUUI5VEM1&google_gid=CAESEAcx9-UF25lWZ5fZ48wsxN0&google_cver=1&google_push=AXcoOmRPxJZf72l9mpAJBNa--Pkg3Z4FPKVJsQApkH5t2xowCBF7jWGprJ_pUBfSk0i3D82NVt3wwTbb47L10fybuMDUPUmt2PL4cq7M
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 9E9B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELhxBHDK9NzHb61N1DRW52Q&google_cver=1&google_push=AXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIWP1...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELhxBHDK9NzHb61N1DRW52Q&google_cver=1&google_push=AXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIW...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELhxBHDK9NzHb61N1DRW52Q&google_cver=1&google_push=AXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIWP17gs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIWP17gs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:25 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fe93782ae7f24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1441
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELhxBHDK9NzHb61N1DRW52Q&google_cver=1&google_push=AXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIWP17gs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTYcrB5wXi_dpMACaa89gt_OKusJAyJlM7cs6-OnYCf6dKv13HTpnNTHSF0zjqGEyW3RR-u1ZRPuOOLZ592ZDbnaxZJEIWP17gs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fe937809c7d24be-ZRH
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 9E9B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHM9IYYdZ1QfTYhbzfoAwBI&google_cver=1&google_push=AXcoOmRwEv_6FIBjZPrbdaprYD0AdW1nOdEncUW7gpIMhKF2raIaahrH38MFrIsPuW2Ik8gypomN_gDEHruhgzzDZzsniAUqfzWPP3VP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9E9B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOlC8JzRf5MgTr0DmmHrgC0&google_cver=1&google_push=AXcoOmSxJeMXHmSLZqLAFzSvPxXU3ubMpHvTEWhlhUsH_FC1LVqcmLP5oSbtl3BnC3NCp0F8M8mKzCFrAv6KQ68f...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tj_alYpYSxaVB-AeN1qjIg2&google_push=AXcoOmSxJeMXHmSLZqLAFzSvPxXU3ubMpHvTEWhlhUsH_FC1LVqcmLP5oSbtl3BnC3NCp0F8M8mKzCFrAv6KQ68fFpE0dVN71Oa6huNH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tj_alYpYSxaVB-AeN1qjIg2&google_push=AXcoOmSxJeMXHmSLZqLAFzSvPxXU3ubMpHvTEWhlhUsH_FC1LVqcmLP5oSbtl3BnC3NCp0F8M8mKzCFrAv6KQ68fFpE0dVN71Oa6huNH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 01:21:24 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tj_alYpYSxaVB-AeN1qjIg2&google_push=AXcoOmSxJeMXHmSLZqLAFzSvPxXU3ubMpHvTEWhlhUsH_FC1LVqcmLP5oSbtl3BnC3NCp0F8M8mKzCFrAv6KQ68fFpE0dVN71Oa6huNH
x-host
tde-deliveryengine-production-684d5dc7fc-vnjpt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9E9B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDRIoAJUe-SlJTOYzRkJ9xI&google_cver=1&google_push=AXcoOmT_qQMuoNF-b5MNMyf8Wm4or-a4yZA4XJLHwME9IZ4hf7xJkEWVieWb-WCchrAzmI5MuYL5av-nv_h3...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT_qQMuoNF-b5MNMyf8Wm4or-a4yZA4XJLHwME9IZ4hf7xJkEWVieWb-WCchrAzmI5MuYL5av-nv_h3AC9WMi8fF_8dlurvyJQd
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT_qQMuoNF-b5MNMyf8Wm4or-a4yZA4XJLHwME9IZ4hf7xJkEWVieWb-WCchrAzmI5MuYL5av-nv_h3AC9WMi8fF_8dlurvyJQd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT_qQMuoNF-b5MNMyf8Wm4or-a4yZA4XJLHwME9IZ4hf7xJkEWVieWb-WCchrAzmI5MuYL5av-nv_h3AC9WMi8fF_8dlurvyJQd
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 9E9B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSjSBRPuPB330Z7st8d2TTC2ycOz33tOpYvlmLrlFj4beWDa3DSlv5_pF0kM2H9Aw2Bn_u
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
excludedClients.json
cdn.unibotscdn.com/ubplayer/video/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/video/excludedClients.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
e7706a77a81e49305eff01e04986f8695816feb04276debe29ae1d378892b102

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
gzip
cdn-edgestorageid
863
cdn-storageserver
DE-168
cdn-cachedat
08/25/2023 11:51:41
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 11:51:25 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
552
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
14da4166925bddc173680ecbdefc3491
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0CA7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
240579
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 393E 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
3461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 00:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F218 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
240579
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 32FB 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7341a1907a4ed7aeaf09fa6971fbd0dcb58c9a6018305b1722a44cd4c301f673

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FAB0 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
partner
sync.search.spotxchange.com/ Frame DAB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHZVMhcE9EpC69TaxBr7mDk&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame DAB7 		0
0
pixel
cm.g.doubleclick.net/ Frame DAB7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1qajZtZUE5RTJ1SHN2aDNielZCSk12LnlRc0U5UC4wMX5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1qajZtZUE5RTJ1SHN2aDNielZCSk12LnlRc0U5UC4wMX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNV9DUJLuncVot0SbAf7sQzx5yepuViSGTfIIbCEcYOiqk8kxrJ74LvnQbFBQxjyT_xxize6ZMqq8auTQwGDnl3H-y_HHnqR4QSG7BeqerDubd9bzLry8u55LQcyGlyZRLYm9QPFCjtyCY6XLa_DyOiVYWuz55FH3O_fcZYvLWz6ikHcmIc
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1qajZtZUE5RTJ1SHN2aDNielZCSk12LnlRc0U5UC4wMX5B
date
Wed, 30 Aug 2023 01:21:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 75B3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
240579
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A9D4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
50845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 30 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E561 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
12759
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 21:48:45 GMT
expires
Wed, 28 Aug 2024 21:48:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2DD6 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
70eb77b38594d0710ea412ca88542383bfa544a1e45c2686222ee03dde1da481
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3wOnHTDNUNgyYiV3IEtffA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-3wOnHTDNUNgyYiV3IEtffA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:24 GMT
expires
Wed, 30 Aug 2023 01:21:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
request.php
hal90002.redintelligence.net/ Frame E3E7
Redirect Chain
  • https://hal90002.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=4144e94b79&subid=&uid=156519bba037fe33&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90002.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=4144e94b79&subid=&uid=156519bba037fe33&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
610 B
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=4144e94b79&subid=&uid=156519bba037fe33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGUHbk5nuZL3hAYTB-gaoroa4BKblvaBp_ZCcp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOUBT9BDINRxbYeFiExI7SxDifdWZy-PPgZvgGyQh0xBBZ5BhksdJvG4d_WSzRQh8cGNWw3CGLlblrwQbzZPBOMBj2RZsHX9nzGXHFW5M0ubPvjJRw4xB_hpRMSAfFPeIfgThczbPP9-ZEN4Q4qlTZmALRRUzAJfnIUq9mSJ1yZMCVQNpj_dzHYWZUqeiGLTyaYFgxYdyF1qjPhiQqhlRVxzl3MdtV71VzFeXHq-DAHP_1W9pojE36ZLj7YmLcExOJRg2F0B6aULZ2dvw7foG2JbupK8xhJY5CbhEno8JCYjgK3GN5nCKcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI_fbu9puDgQMVhKDeCh0olwFHEAEYASAAEgKbSvD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_3qBjmdcJrcv07nHHU2D3ocFSg0Bg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CAlBPxsCJ7Kdq3tU_AEhHpd49lhcfITQkQy4poSwwlBP1CRxnCowCUUI1fs9J14-FgUAUbHNZr8mjWhMkX2Z5PZxWZrrgZxG7WHt5rsI8rugTqDd0qDFxviFW1b8nOSsp7nrPlweA8Qj5qE347FKq_zT575dVweRDZEGGaoMaT8Iz2JoA%26cry%3D1%26dbm_d%3DAKAmf-DCzz0H0pjgmy7ngHZCsoSWHI2fDb3H_UqQ4mt0WdAqz9ziQI0gzrjeQCGxKY2akV_EeYxXwW47kEWP7vYXo1Yvg42Im0QXTAKUjnPU1H0gIPNRVmAyERNlRm6eXharkMkA-tUBjXHoozz7zY1CiQb8Krtud1eB9E4VlGpOO-scLDkw7UyKzWLKbULtyu24QjJFacrNOfD65_JdHiHoNAXSM1fY23mACZEP4_LTD2OQTo5FUR8PiQDfytBxgaeIRso7i9HiBqeVvf8LhCz7TRCIapasfjW7-xWRg6nXEkWh1-X-ZnfK3nahxm7gAfO-EPRrC1xJYuIcmb08isfswieArXcd0ZDLLSKI595UPeX6u0THW6rSY5SIvJgIFCaqi4cnt1No0e42o_76z_Tkth1-2wBhp6tJ3bV_-GEvJwLHb-F8XHQhn2vewHtO2si1OesJp6BJIdhocI7lgTh0AjEl2OCaUFeevS9_xiobX9gh83OpP84TgllV9P_La1EO_4szw2nMRlx-zUaCqgqFLmysJSdtk9lgrdl7Khug1LGt94rL9VBr4uBr-1a4yKqQXqCkahVPfDR6IUVk1aSdnNkqm2GnJYy7A5Kd1ppZ1R7pAKOxCeL6-8Zsbtlm89GLKEFwjnnR3Q43Orpep8ZjLwgSphKjeQBvqfYrTzMK_qRwGjCKoyY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7558562466495&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
a8b0c75ecf2c64ba7ec16375f92571be298d825bee99bf428d38a5b268d8d44e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
99267200007424204444982012432002
Connection
close
Content-Length
328
Expires
Wed, 30 Aug 2023 02:21:25 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:24 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=4144e94b79&subid=&uid=156519bba037fe33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGUHbk5nuZL3hAYTB-gaoroa4BKblvaBp_ZCcp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOUBT9BDINRxbYeFiExI7SxDifdWZy-PPgZvgGyQh0xBBZ5BhksdJvG4d_WSzRQh8cGNWw3CGLlblrwQbzZPBOMBj2RZsHX9nzGXHFW5M0ubPvjJRw4xB_hpRMSAfFPeIfgThczbPP9-ZEN4Q4qlTZmALRRUzAJfnIUq9mSJ1yZMCVQNpj_dzHYWZUqeiGLTyaYFgxYdyF1qjPhiQqhlRVxzl3MdtV71VzFeXHq-DAHP_1W9pojE36ZLj7YmLcExOJRg2F0B6aULZ2dvw7foG2JbupK8xhJY5CbhEno8JCYjgK3GN5nCKcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI_fbu9puDgQMVhKDeCh0olwFHEAEYASAAEgKbSvD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_3qBjmdcJrcv07nHHU2D3ocFSg0Bg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CAlBPxsCJ7Kdq3tU_AEhHpd49lhcfITQkQy4poSwwlBP1CRxnCowCUUI1fs9J14-FgUAUbHNZr8mjWhMkX2Z5PZxWZrrgZxG7WHt5rsI8rugTqDd0qDFxviFW1b8nOSsp7nrPlweA8Qj5qE347FKq_zT575dVweRDZEGGaoMaT8Iz2JoA%26cry%3D1%26dbm_d%3DAKAmf-DCzz0H0pjgmy7ngHZCsoSWHI2fDb3H_UqQ4mt0WdAqz9ziQI0gzrjeQCGxKY2akV_EeYxXwW47kEWP7vYXo1Yvg42Im0QXTAKUjnPU1H0gIPNRVmAyERNlRm6eXharkMkA-tUBjXHoozz7zY1CiQb8Krtud1eB9E4VlGpOO-scLDkw7UyKzWLKbULtyu24QjJFacrNOfD65_JdHiHoNAXSM1fY23mACZEP4_LTD2OQTo5FUR8PiQDfytBxgaeIRso7i9HiBqeVvf8LhCz7TRCIapasfjW7-xWRg6nXEkWh1-X-ZnfK3nahxm7gAfO-EPRrC1xJYuIcmb08isfswieArXcd0ZDLLSKI595UPeX6u0THW6rSY5SIvJgIFCaqi4cnt1No0e42o_76z_Tkth1-2wBhp6tJ3bV_-GEvJwLHb-F8XHQhn2vewHtO2si1OesJp6BJIdhocI7lgTh0AjEl2OCaUFeevS9_xiobX9gh83OpP84TgllV9P_La1EO_4szw2nMRlx-zUaCqgqFLmysJSdtk9lgrdl7Khug1LGt94rL9VBr4uBr-1a4yKqQXqCkahVPfDR6IUVk1aSdnNkqm2GnJYy7A5Kd1ppZ1R7pAKOxCeL6-8Zsbtlm89GLKEFwjnnR3Q43Orpep8ZjLwgSphKjeQBvqfYrTzMK_qRwGjCKoyY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7558562466495&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 30 Aug 2023 02:21:24 +0200
request.php
hal900027.redintelligence.net/ Frame 4467
Redirect Chain
  • https://hal900027.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=118ff2abf7&subid=&uid=1a1ff0ec494852d0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900027.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=118ff2abf7&subid=&uid=1a1ff0ec494852d0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=118ff2abf7&subid=&uid=1a1ff0ec494852d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJfXXk5nuZL7hAYTB-gaoroa4BKblvaBpnZecp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOcBT9BvsAi9NPZxbVONyB6xysaUwYUUUyDf-kUrgKuKx0Fg-ErAQ5DI2RUwQdqVcWZU7bfs6Vfgw2T51cNm6JN9Sd0AhHUENBkcVukP-AW8vxNUwucOe1KJG5GaHsR0S7ve05Qx2BjK67pt1pkHbOvL02qT14gAdK9U__Jh1D2ugns-eRLruZYzGICTj3W4xj2UtoL_zntmP_yorZblY06MEm0Jz--cwYB5M4yXK66qpYmCYODoDvZfBco3T7guAHI_8qaMp43RlRBvyTLy_US-AuaRkj6f3ZY5pWlhVONxl-UhRwDGBjKmwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI_vbu9puDgQMVhKDeCh0olwFHEAEYASAAEgJ2j_D_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_0V_R20uuJeOGv-xV-k2uQ9Mb-jmA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AQsxYW9n1C1UzW5RfjLGadzuWgRsJonvYnsK9nmF35BuoVR-h3__YKtUWUhYfkIbnf7b1G-qeAjsGQ_2jzq0veGU0vIo7EuYkZHYaJhpw_ikJvPwh7sh4CK7AEnEvfOOZ4PPdaHhRTTg_PTYjIMnyZx25Ul1IYpJlCk4AUDXX9hrpYqe4%26cry%3D1%26dbm_d%3DAKAmf-CA4EP-jyzwqR5ySLVOKDDGvYnjLPkKJuTzXBJSOgZ-kIcF3_0gosDG2gp_EL0yubBdAKXOtjXqOkWcFgV4MmCkVfjjj2wgWtu1RGyG3DSkmT8pCyOXviCDTu0DnYpDVu1FA4nZMs834CTzH9OjrkhY5upo8oL96rPk5l2bjSC_5D8UT4B11IrYwYi6KWB8xSWShPFo8pdZBAQb6iDXHquaT9xCq7GcgD9nnfCXnU9bsnUEOy2jnFtO7lHhhVEizFnbWGLGQDdlUFlNOeyqb8ej1sZU1Aps-LOUMJp855g78DzbYpDmjsFxAVdo0Ul0Qwg7AcIbLKoBbGXsJ1ALYdHtL5K5KffNBXM6uidjaazNO0bSIjc2Mqs5muP20rUf85rUZGXKzc-LtLTDc733KSe3SAxOB28xjUFhPDZfzg8tW9_h1zayZt5hFLDiWgArzD8XRQ3W0sGZQf11L2v1WzYsnayM_xi3gLFdXfbMHgUrgu7lEhqP8C5MiUk_VNjGDMqUzd_rK5mnwIT04NlzaiQ1QB9XMpWHxDtXzpQBuOyGM_TxKJbmjmlYiRtIItjWYHB0dt9ObJM0K7Uoupyhe_8D5GGjUmKzfgoWfgVhP09vrSTIeZnh1etvSXizxxf8nRgn7QPCBjwWBAi5QpZLz-taGRDB62ot7KqUU6xNluy5DYL7r7o%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6880939456663&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
URL: https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
bbaf5cd5013cd0f67e88fb31032ca97a415a03927f72c788228b9d9a00889c25

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:24 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
77442200005636504445002012432027
Connection
close
Content-Length
330
Expires
Wed, 30 Aug 2023 02:21:24 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:24 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=118ff2abf7&subid=&uid=1a1ff0ec494852d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJfXXk5nuZL7hAYTB-gaoroa4BKblvaBpnZecp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOcBT9BvsAi9NPZxbVONyB6xysaUwYUUUyDf-kUrgKuKx0Fg-ErAQ5DI2RUwQdqVcWZU7bfs6Vfgw2T51cNm6JN9Sd0AhHUENBkcVukP-AW8vxNUwucOe1KJG5GaHsR0S7ve05Qx2BjK67pt1pkHbOvL02qT14gAdK9U__Jh1D2ugns-eRLruZYzGICTj3W4xj2UtoL_zntmP_yorZblY06MEm0Jz--cwYB5M4yXK66qpYmCYODoDvZfBco3T7guAHI_8qaMp43RlRBvyTLy_US-AuaRkj6f3ZY5pWlhVONxl-UhRwDGBjKmwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI_vbu9puDgQMVhKDeCh0olwFHEAEYASAAEgJ2j_D_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_0V_R20uuJeOGv-xV-k2uQ9Mb-jmA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AQsxYW9n1C1UzW5RfjLGadzuWgRsJonvYnsK9nmF35BuoVR-h3__YKtUWUhYfkIbnf7b1G-qeAjsGQ_2jzq0veGU0vIo7EuYkZHYaJhpw_ikJvPwh7sh4CK7AEnEvfOOZ4PPdaHhRTTg_PTYjIMnyZx25Ul1IYpJlCk4AUDXX9hrpYqe4%26cry%3D1%26dbm_d%3DAKAmf-CA4EP-jyzwqR5ySLVOKDDGvYnjLPkKJuTzXBJSOgZ-kIcF3_0gosDG2gp_EL0yubBdAKXOtjXqOkWcFgV4MmCkVfjjj2wgWtu1RGyG3DSkmT8pCyOXviCDTu0DnYpDVu1FA4nZMs834CTzH9OjrkhY5upo8oL96rPk5l2bjSC_5D8UT4B11IrYwYi6KWB8xSWShPFo8pdZBAQb6iDXHquaT9xCq7GcgD9nnfCXnU9bsnUEOy2jnFtO7lHhhVEizFnbWGLGQDdlUFlNOeyqb8ej1sZU1Aps-LOUMJp855g78DzbYpDmjsFxAVdo0Ul0Qwg7AcIbLKoBbGXsJ1ALYdHtL5K5KffNBXM6uidjaazNO0bSIjc2Mqs5muP20rUf85rUZGXKzc-LtLTDc733KSe3SAxOB28xjUFhPDZfzg8tW9_h1zayZt5hFLDiWgArzD8XRQ3W0sGZQf11L2v1WzYsnayM_xi3gLFdXfbMHgUrgu7lEhqP8C5MiUk_VNjGDMqUzd_rK5mnwIT04NlzaiQ1QB9XMpWHxDtXzpQBuOyGM_TxKJbmjmlYiRtIItjWYHB0dt9ObJM0K7Uoupyhe_8D5GGjUmKzfgoWfgVhP09vrSTIeZnh1etvSXizxxf8nRgn7QPCBjwWBAi5QpZLz-taGRDB62ot7KqUU6xNluy5DYL7r7o%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6880939456663&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 30 Aug 2023 02:21:24 +0200
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80CB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5756873493586&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80CB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5756873493586&version=m202307240101&ct=77&x=1&cor=4840510643516789000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 80CB 		15 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4WMkQg6kKh5QGScsx8kCVpwN6ax6ZTRBsWQZoNuXwXjf0v1bHEy0LiUOf9suRZQZOZ4HjoUuIyvVNrKNOqUYPnNktPiS_hlv1iRRaovWMVGaWTuTlNlc2iqn1nQxaTgocViCEGh4uLHJQtNWJFSBQAc2weqld-EBTVGYctoCh6Vj3OCU&cry=1&dbm_d=AKAmf-BaaJFS6iM2ubkPyzq2oj9PSZ4mqktPoIs6xkV9aH3TNk-e6y5DWpAre4p6_QAgHjTH0UM_DGBlSyL9VDxnxyYy4jdXNK3Da55bzv8jDAHG2Xxk8xro2iy5AQJyv9e47hdUYxMHE589-qgWRiXYaN22v_GPVetboxMEKZr6EaRIod666ADbEccCVrfEg7jKy0_zl74LiqKUHiQkTfujHzIY2jGdLyv5DBA81-H1v5iJe7KBbP9pZWcrEL7JT4ss6KG11S-E-xZPH74bfsymd5oYwdy_t7oomzJPZtOdheF0UncHVfZHJxXBaOE1Cdq7aDQx55VEhq2kmiP7DiXwraHMUfLyFvZ7TYMwXmxE_kxnYJ-sGJJAl1RFiYPXV3GaM95ewctzB86UCVi00H9CXVT1zmVjfvF83_pOcWNpGqx6GNl5OS180F6fGFxeWX12JTC_rUHdaz2Udvowv8gPEQSAoP3J6-csiJgnDySKeCdtcjx0hfgq7zg9w-rDQDw1tkmKCYKN9HsWiM38Xp1BNsNI29dKmVYIJMin9hHz_wDnpHBl04lRR-1p39_p52qukrqX5fxmyz1F11B5TsS7N7E7ZrWgq3aMpHUJ0hhSM-QbogZ3xUr3FrIp_TrWGIJ2OdIWZRhyDHGkGT9_IkRAfeU6jTVzb2t2Seb3A9JhlShTF5rYowh5dTnogLaKRtdRfauLfSb9kkrM-9Mh3-c3PUMAHZ2ziUZRovfgH-M0iZsGnxm_XCdovocBiKXZrCmgYISo0R1mddpDvRXCny-CBXAWbgSjqZqAyFa7F-cr97O349oCQlXPI4UEDUyqsXgPTFtEj4oZXzrFSouv1IjmfOOKRYc_wF9u6yLzC3uIftwFvb2Gju5UW6hJmqt9VSN1PHu_aJpoY1WYGeARh0z6pcIT3qJot9Ehpz7--6QzIpKg3shZFeRAX95RaD2Vj8n7LjygKa2-ogCp8cGljQIMGbrYX-e62YNW_PC-K3tO0JA5_L_JQohwKVPOeHkd1Sk29SY7D_QOSa5Fjnnr2SIwq0Pfn6Lu1u5_6hTChqkDykYX1c1qavQ0eY9crHn_udaYNaUk7wzo9mwDRQXKBaMseFm20v4oPCdG2_xXRkmW3Zs5VJ3IKzjt_QFd2K9ccLhRCgVooctUSia8mWujF3JY5rDYAuDKfRNrTIA-boeuVkD-ph-Nuk1cWgDfNVPcajXCBCQKmuwrRFvIJOIfLgj0MpvZp9duKWtIHcvh4mRd8lutiFlX_cG83c7PRNuJwASzJM-wm3-XfpZAO-ixG_E6V_B5MEuQHvLvQWSAa0rKWa3p3_aefk6xjG_bC9WO1O5ygwXV9eazlpgK9hAQ6_mLKEDd49aIT-lpWdPBEmJaVWrC92gXSttgwmmyGSYhbK9-3ZkbD9TBt6irCaQU_0zOUHXJkWXhczNYmWXiFeG2XkdqqorIf04KaKBtbuarIiOs1UqadqNxIOKJ82xr4L_iZITKDXJDIPp3-_6lYqqJ-tFTAgAmnUlY7po6dn3fjnkgXqeC5_Q_soY0RWZMsqGBB8cG9Ne64UzyrEgyMTRe658DVjpp8r0WwNvCg-Via1C4VYDEc0LZnV3VaYCWynxwUgQ5SJHK0ck_JTe5KSgext1qhvlf2LRElAJfOY8SU3sogAZuK8FgXY8aASrTKj_aUqN79dz4k53QzkVMzXJ5YOMAmevqiA9CcFXP_omGGEvhRRQTMAbV9OwWQ09OX6Xowh27zcqZG_HTgJ8RR6W6mdrspHWeCakrEdRao74egxnsxID1m2OcaXrAPnP8E8XS34NxBEF_8YmUYDeLdD_PbKb_aLt4jEsfibYP_nwKXooTWuno5uyPDkA2Anxx7KX7j9G_h3cn6DO8Cj2QMignbPp74wXyND82VQIC08Nv9-jboq5nRkltH59yD7kZDHwc-ExoJx2z1WtwyqndOK7GUIE40BnYtlC6igMnEJelKbhghNFqKzTnZrGrt075H1m68uhgGAEEzfaWbIL1dsin1xk-PYInU6_-ggT80hbZU8TapnQ2HWoffM0IxRCfBoDFP43aiZEvUbXzMAcDkYoHCQQw5kxJfyMcLUtiBYTgaA_bceJ2TSa2UDg6zMXtXlS9EYlxBEzq7zzIroNHDb84pFnbDXPH1m-dF37GmypqjPlxQZaxWIgSWk-0tPqKsXfAXwANmqAm1pUAdtOU4Y6VFpokyfA-MYdad1n34rCXGjUyzKykaDQx03WX4m2HS2Gp7pAxRXic4sJsstBTHlQv0Db61jnFshK1TSh-mroshCl-3uapTCi8rEQCONS8Dc8HTgA_IYK22ol8CLvqYM2hn41AzcI80-wuCUAt5mbNkNn6yeH0FASR37czOoWdL1KYB9KtNp7MDVxZ4ioglloFpgJT9EcqnFxmaZpmgdamY-mpWvxE7eEFU7Dl051m0iiMmSzOU3yAjbAOI3JTH8vHFTT7ATYkRAd65uvzV8EQG7GaULD4ZxQPZqDWFrzhhPBF9ADXgC6Au85kDbRCp4Kpjui1cAsJLbgjIFdXO8s83zN7g-YEP1ql6GIIGU8BfatmRxLT9y_MQn5Cqce8V3nArMnZU1EhS5QUuBYBsS0n9AKUmSYY44JvsuHAK6JjDpTRYGX9UsV5-BgQJOy3KFZCy-DV72ZdkXtpALqqCLwmUyEGrhoW8N4aTUFU7Bmfz7MXdKO0BCAtBXCGxcKpWj6aOlMGkFLnW0mquxILk48QzZbs5F_rG_qRD8murGYhd5sCI9TsqhiQo8uMq3yzJRFZ-0rkA5zGeEcI9KZeo_2HE8szKERAIEfyNxhDKIs6SkyBBMb2B8yEs17KFB2OyUpSzM9OvaYfxmfp5FsIfn9rQgMc6z97E5K0hDQS5ucjPHVHS_vdDev0jaAge2hayvd1eLMiaCaPCnlw16v0k6Oi--zVVh8InpFAQMBrt8qQfQlTw6ASrcEO4TF_5WwapspaAzCuWkOTqtKxwqeQdxJTNhhneVY7bqlROmGuSgrnx-ZGnaSZulESHmn3IvrwaHrYJP868E59HMDbGOtTem_9BnlcTn-8yrmeF7I9Gy0A15XYcmC-ILJAKZLzTfVYmmEOevvP2X-hIYf7pVDreEwz9WfS_y-W9VicxUTW0fyPFmcljU5tj4UFMbBGYw7DYVrDquxruLVY5VQfz13EmSzum1zEqX38HVlcByWMFpeIyMEu8jsJrYTxu9NrA-fUAltoFKQMJMl9aaOSdPGItawJ0QEtDm5gGb1Y6i_ytXByKyo9p6YOgZ383I-EacH_Eq4OGQGlIq4fn8XWB0uv2gXTVTdG9_vCHCNy1rOWmmwIgKCdW_oqVs2NreJWosfmlHDqNWtR_HberilBm-ccNlVrOgGgYJay13b-ipmYyGVd1Vtw7kqhvqhTx4k3Bt0pj2cEpOzFEycomBjhPiA8uqEU_ALKEfH9frp_mPvVK72rDN_QIb7wIZZe9En-NyNoFFXloAj5ZCKPiwNgze8sWOyuMkDVudnfglZUf3QGKYX0LL-RezEyKl2xhZT7Fwf8XcYcWbVhlB3u-k9An-B55TZVaGXKCKnQs1YDNI24JqvfsDR6LQxbr-b0zSN73WDzMVKhRDKwQyducAdeSdlE6qPGGRbrf15yp8BB3WFMt7B4us9qJYQ_3iXE-Lg4DHyUSkys8vtI39Tu-yXOTxNhCEBctKNMR3BWwOZox7gdtLixMqdjYx5QDftdd3_xyLT9LGMqZTcj6_CpmVvauaRRIXCjiRnduIP0cwabrp9-S0RNJSCX5mwolaQafw&cid=CAQSOwBpAlJWX1uAjGKyvMorPG_DazRda3xoQHq17N3FkUzB9LfhAhLbspU4WPV8pyIS7HmFYzsT8QElTBCJGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=4840510643516789000&adk=627576174&idt=98&cac=0&dtd=63
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a0027db491484e4e9f20788aea67151d17e15580c715638b8f2e378c8f72fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11799
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D30C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
12759
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 21:48:45 GMT
expires
Wed, 28 Aug 2024 21:48:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 87EE 		829 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
44202c00bace1a774f810cb4579aae69aa15200bce4e79708c4428c1a38dd1ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4lTScan06pthn28KnWGEtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce-4lTScan06pthn28KnWGEtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:24 GMT
expires
Wed, 30 Aug 2023 01:21:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
vast.aniview.com/api/adserver61/vast/ 		817 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=645c834590f2c48ad908f465&AV_CHANNELID=6469fbec71f13c58010ba477&AV_URL=https%3A%2F%2Fwww.bg3.co&cb=R0.1693358484870&AV_WIDTH=700&AV_HEIGHT=393&AV_GDPR=1&AV_CONSENT=&AV_CCPA=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
a751bcba50f803b2976e034162689cd424f9098dd91fd894b9f9b83b60164bca

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Wed, 30 Aug 2023 01:21:25 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.bg3.co
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1693358484.dop006.ml1.t,1693358484.cds033.ml1.shn,1693358484.dop006.ml1.t,1693358484.cds213.ml1.sc,1693358485.cds213.ml1.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4C87 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
828
x-guploader-uploadid
ADPycdvYW5jQ5_kCXAplmMxE3p8pfCwsniZJelO2MsOjvyMLsYPKpiaWgPblPG13BiEm42E7gLAazydimOPVTnAplTeZBg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4Ss3YKVmP0lNA95i4%2Fbjp5S4XHyv9lhhOLUZCdVvsianX%2FpzTWLdqleYtBDmvWUfqyiaH9sSutgtAGtTCWiH9zUHJXeIeSKoXbn8dNkOyCiNHYo8pVGDe5DWZNg4XHx2aXEJ2yFvZzimuIFSFSbXpIm"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7fe93782f8b85a37-MXP
expires
Wed, 30 Aug 2023 01:16:05 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e737ec8770445ca53b2096192c7f10c94a69d144fab767d02854d572fb04298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90655
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 01:21:24 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38d7e0d472ff66c5513cd8c722327a7bc13018694b598e4b373bb34dcd3844e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90605
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 01:21:24 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
frame.html
ad4m.at/ Frame F47C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1455091
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7fe93782dbea59ef-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:21:24 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99x7Kd7T65Q4ik7c6dyYUTDZAHzjKHBHNj4eiyqVaUFa9Pa%2BTH9gYghjupJhxivN%2FtpiljaiX8hk6ZDEVQ9tYTXHo6lzJZs9Evf9RDtwsdXMkw9zcd%2Fvl56CxdIosH7s7J9NpgA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame FAB0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3efc9b7ed428975553d8f0afde42fd1ae55ccb873929d727dc3bb4d81f083fe8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame A9D4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP_q6z9bZzJySBZkdJvzz2E&google_cver=1&google_push=AXcoOmQv3nEdi5DeR51_x5e_ZP1zEckRsIXwRBg8Vq1JvZdNYRrsKZrVgpj-lBG8Qi0TUmMflGY2gnUYR6UlZWVy...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQv3nEdi5DeR51_x5e_ZP1zEckRsIXwRBg8Vq1JvZdNYRrsKZrVgpj-lBG8Qi0TUmMflGY2gnUYR6UlZWVyXfPuaQD_2qTU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQv3nEdi5DeR51_x5e_ZP1zEckRsIXwRBg8Vq1JvZdNYRrsKZrVgpj-lBG8Qi0TUmMflGY2gnUYR6UlZWVyXfPuaQD_2qTU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 30 Aug 2023 01:21:25 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQv3nEdi5DeR51_x5e_ZP1zEckRsIXwRBg8Vq1JvZdNYRrsKZrVgpj-lBG8Qi0TUmMflGY2gnUYR6UlZWVyXfPuaQD_2qTU
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 30 Aug 2023 01:21:24 GMT
pixel
cm.g.doubleclick.net/ Frame A9D4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEOKx-Swc3XdugfhLHGvfpgY&google_cver=1&google_push=AXcoOmSVTs7DZWd5FPKwCP8rrsyPMMJg_2FIG2hz28bcpYfd8d41T_CDNEJmm2dB6PWBQVK2JTRPEUE0bZM_tMvqJer5tG3zWhy6
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0197E0FE5B9F4CF0AF00A0E1A4D91CFE&google_push=AXcoOmSVTs7DZWd5FPKwCP8rrsyPMMJg_2FIG2hz28bcpYfd8d41T_CDNEJmm2dB6PWBQVK2JTRPEUE0bZM_tMv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0197E0FE5B9F4CF0AF00A0E1A4D91CFE&google_push=AXcoOmSVTs7DZWd5FPKwCP8rrsyPMMJg_2FIG2hz28bcpYfd8d41T_CDNEJmm2dB6PWBQVK2JTRPEUE0bZM_tMvqJer5tG3zWhy6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 01:21:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0197E0FE5B9F4CF0AF00A0E1A4D91CFE&google_push=AXcoOmSVTs7DZWd5FPKwCP8rrsyPMMJg_2FIG2hz28bcpYfd8d41T_CDNEJmm2dB6PWBQVK2JTRPEUE0bZM_tMvqJer5tG3zWhy6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 29 Aug 2023 01:21:25 GMT
pixel
cm.g.doubleclick.net/ Frame A9D4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN95FU9nop2TI6W0f2VxLPo&google_cver=1&google_push=AXcoOmTqvQoxWY1M08toNud1aYkenuBamAoVFmf4mt1bf96d6aedHQCuxdBMhBGWgaRv3-ieA8uWMq8D8T8m8G...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkxOTMxMzQ3OTg5MTEwMg%3D%3D&google_push=AXcoOmTqvQoxWY1M08toNud1aYkenuBamAoVFmf4mt1bf96d6aedHQCuxdBMhBGWgaRv3-ieA8uWMq8D8T8m8GhFau...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkxOTMxMzQ3OTg5MTEwMg%3D%3D&google_push=AXcoOmTqvQoxWY1M08toNud1aYkenuBamAoVFmf4mt1bf96d6aedHQCuxdBMhBGWgaRv3-ieA8uWMq8D8T8m8GhFaubVnlCpTJ84
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkxOTMxMzQ3OTg5MTEwMg%3D%3D&google_push=AXcoOmTqvQoxWY1M08toNud1aYkenuBamAoVFmf4mt1bf96d6aedHQCuxdBMhBGWgaRv3-ieA8uWMq8D8T8m8GhFaubVnlCpTJ84
Date
Wed, 30 Aug 2023 01:21:25 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A9D4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDj76ZP2GcGrlcrouTwblOI&google_cver=1&google_push=AXcoOmRfNrzZrGzqxip8P-3TiXNgZe7Dqs--03XKTyQqMy5a2nOioCf_t5Yb-k8KljbTdwm8yqJlBRnoqntJ3Mg0GioP...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDj76ZP2GcGrlcrouTwblOI&google_cver=1&google_push=AXcoOmRfNrzZrGzqxip8P-3TiXNgZe7Dqs--03XKTyQqMy5a2nOioCf_t5Yb-k8KljbTdwm8yqJlBRnoqntJ3M...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fd9c6952-267e-4773-9dfd-6de7d3199520
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fd9c6952-267e-4773-9dfd-6de7d3199520
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=315151df-e50b-4aba-83b5-43d5bbe4c04b&user_group=1&ssp=google&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRfNrzZrGzqxip8P-3TiXNgZe7Dqs--03XKTyQqMy5a2nOioCf_t5Yb-k8KljbTdwm8yqJlBRnoqntJ3Mg0GioPTlDsmtRR&google_hm=_ZxpUiZ-R3Od_W3n0xmVIA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRfNrzZrGzqxip8P-3TiXNgZe7Dqs--03XKTyQqMy5a2nOioCf_t5Yb-k8KljbTdwm8yqJlBRnoqntJ3Mg0GioPTlDsmtRR&google_hm=_ZxpUiZ-R3Od_W3n0xmVIA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRfNrzZrGzqxip8P-3TiXNgZe7Dqs--03XKTyQqMy5a2nOioCf_t5Yb-k8KljbTdwm8yqJlBRnoqntJ3Mg0GioPTlDsmtRR&google_hm=_ZxpUiZ-R3Od_W3n0xmVIA==
date
Wed, 30 Aug 2023 01:21:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame A9D4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR1oi...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-kCH9E9JAq9eNTr6o39pVdEy4WCj5Dt9UkX-YDQ&google_push=AXcoOmR1oiLZbMVCHnIyaIO4gXDKs5Rpd8ibhMspFvzxmQbe1hARh3msAHgeWwvp8hrlQFJIpA_4NImDOomc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-kCH9E9JAq9eNTr6o39pVdEy4WCj5Dt9UkX-YDQ&google_push=AXcoOmR1oiLZbMVCHnIyaIO4gXDKs5Rpd8ibhMspFvzxmQbe1hARh3msAHgeWwvp8hrlQFJIpA_4NImDOomcBcvXBU-n2bose34
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:24 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-kCH9E9JAq9eNTr6o39pVdEy4WCj5Dt9UkX-YDQ&google_push=AXcoOmR1oiLZbMVCHnIyaIO4gXDKs5Rpd8ibhMspFvzxmQbe1hARh3msAHgeWwvp8hrlQFJIpA_4NImDOomcBcvXBU-n2bose34
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
858403
content-length
0
expires
Wed, 30 Aug 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A9D4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDqa0LPCDikw5UDp_4O0PArtrvnlM7ArUyNAV-KZIPT7jG4rcpxy7b39s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
485b45e4-ec37-4877-b063-6da9e89c7f61
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/485b45e4-ec37-4877-b063-6da9e89c7f61
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
58bc7538-2307-44b1-97ba-0d3799af45f8
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/58bc7538-2307-44b1-97ba-0d3799af45f8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
pagead2.googlesyndication.com/bg/ Frame 0CA7 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 15:15:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
554751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14677
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 15:15:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 80CB 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4WMkQg6kKh5QGScsx8kCVpwN6ax6ZTRBsWQZoNuXwXjf0v1bHEy0LiUOf9suRZQZOZ4HjoUuIyvVNrKNOqUYPnNktPiS_hlv1iRRaovWMVGaWTuTlNlc2iqn1nQxaTgocViCEGh4uLHJQtNWJFSBQAc2weqld-EBTVGYctoCh6Vj3OCU&cry=1&dbm_d=AKAmf-BaaJFS6iM2ubkPyzq2oj9PSZ4mqktPoIs6xkV9aH3TNk-e6y5DWpAre4p6_QAgHjTH0UM_DGBlSyL9VDxnxyYy4jdXNK3Da55bzv8jDAHG2Xxk8xro2iy5AQJyv9e47hdUYxMHE589-qgWRiXYaN22v_GPVetboxMEKZr6EaRIod666ADbEccCVrfEg7jKy0_zl74LiqKUHiQkTfujHzIY2jGdLyv5DBA81-H1v5iJe7KBbP9pZWcrEL7JT4ss6KG11S-E-xZPH74bfsymd5oYwdy_t7oomzJPZtOdheF0UncHVfZHJxXBaOE1Cdq7aDQx55VEhq2kmiP7DiXwraHMUfLyFvZ7TYMwXmxE_kxnYJ-sGJJAl1RFiYPXV3GaM95ewctzB86UCVi00H9CXVT1zmVjfvF83_pOcWNpGqx6GNl5OS180F6fGFxeWX12JTC_rUHdaz2Udvowv8gPEQSAoP3J6-csiJgnDySKeCdtcjx0hfgq7zg9w-rDQDw1tkmKCYKN9HsWiM38Xp1BNsNI29dKmVYIJMin9hHz_wDnpHBl04lRR-1p39_p52qukrqX5fxmyz1F11B5TsS7N7E7ZrWgq3aMpHUJ0hhSM-QbogZ3xUr3FrIp_TrWGIJ2OdIWZRhyDHGkGT9_IkRAfeU6jTVzb2t2Seb3A9JhlShTF5rYowh5dTnogLaKRtdRfauLfSb9kkrM-9Mh3-c3PUMAHZ2ziUZRovfgH-M0iZsGnxm_XCdovocBiKXZrCmgYISo0R1mddpDvRXCny-CBXAWbgSjqZqAyFa7F-cr97O349oCQlXPI4UEDUyqsXgPTFtEj4oZXzrFSouv1IjmfOOKRYc_wF9u6yLzC3uIftwFvb2Gju5UW6hJmqt9VSN1PHu_aJpoY1WYGeARh0z6pcIT3qJot9Ehpz7--6QzIpKg3shZFeRAX95RaD2Vj8n7LjygKa2-ogCp8cGljQIMGbrYX-e62YNW_PC-K3tO0JA5_L_JQohwKVPOeHkd1Sk29SY7D_QOSa5Fjnnr2SIwq0Pfn6Lu1u5_6hTChqkDykYX1c1qavQ0eY9crHn_udaYNaUk7wzo9mwDRQXKBaMseFm20v4oPCdG2_xXRkmW3Zs5VJ3IKzjt_QFd2K9ccLhRCgVooctUSia8mWujF3JY5rDYAuDKfRNrTIA-boeuVkD-ph-Nuk1cWgDfNVPcajXCBCQKmuwrRFvIJOIfLgj0MpvZp9duKWtIHcvh4mRd8lutiFlX_cG83c7PRNuJwASzJM-wm3-XfpZAO-ixG_E6V_B5MEuQHvLvQWSAa0rKWa3p3_aefk6xjG_bC9WO1O5ygwXV9eazlpgK9hAQ6_mLKEDd49aIT-lpWdPBEmJaVWrC92gXSttgwmmyGSYhbK9-3ZkbD9TBt6irCaQU_0zOUHXJkWXhczNYmWXiFeG2XkdqqorIf04KaKBtbuarIiOs1UqadqNxIOKJ82xr4L_iZITKDXJDIPp3-_6lYqqJ-tFTAgAmnUlY7po6dn3fjnkgXqeC5_Q_soY0RWZMsqGBB8cG9Ne64UzyrEgyMTRe658DVjpp8r0WwNvCg-Via1C4VYDEc0LZnV3VaYCWynxwUgQ5SJHK0ck_JTe5KSgext1qhvlf2LRElAJfOY8SU3sogAZuK8FgXY8aASrTKj_aUqN79dz4k53QzkVMzXJ5YOMAmevqiA9CcFXP_omGGEvhRRQTMAbV9OwWQ09OX6Xowh27zcqZG_HTgJ8RR6W6mdrspHWeCakrEdRao74egxnsxID1m2OcaXrAPnP8E8XS34NxBEF_8YmUYDeLdD_PbKb_aLt4jEsfibYP_nwKXooTWuno5uyPDkA2Anxx7KX7j9G_h3cn6DO8Cj2QMignbPp74wXyND82VQIC08Nv9-jboq5nRkltH59yD7kZDHwc-ExoJx2z1WtwyqndOK7GUIE40BnYtlC6igMnEJelKbhghNFqKzTnZrGrt075H1m68uhgGAEEzfaWbIL1dsin1xk-PYInU6_-ggT80hbZU8TapnQ2HWoffM0IxRCfBoDFP43aiZEvUbXzMAcDkYoHCQQw5kxJfyMcLUtiBYTgaA_bceJ2TSa2UDg6zMXtXlS9EYlxBEzq7zzIroNHDb84pFnbDXPH1m-dF37GmypqjPlxQZaxWIgSWk-0tPqKsXfAXwANmqAm1pUAdtOU4Y6VFpokyfA-MYdad1n34rCXGjUyzKykaDQx03WX4m2HS2Gp7pAxRXic4sJsstBTHlQv0Db61jnFshK1TSh-mroshCl-3uapTCi8rEQCONS8Dc8HTgA_IYK22ol8CLvqYM2hn41AzcI80-wuCUAt5mbNkNn6yeH0FASR37czOoWdL1KYB9KtNp7MDVxZ4ioglloFpgJT9EcqnFxmaZpmgdamY-mpWvxE7eEFU7Dl051m0iiMmSzOU3yAjbAOI3JTH8vHFTT7ATYkRAd65uvzV8EQG7GaULD4ZxQPZqDWFrzhhPBF9ADXgC6Au85kDbRCp4Kpjui1cAsJLbgjIFdXO8s83zN7g-YEP1ql6GIIGU8BfatmRxLT9y_MQn5Cqce8V3nArMnZU1EhS5QUuBYBsS0n9AKUmSYY44JvsuHAK6JjDpTRYGX9UsV5-BgQJOy3KFZCy-DV72ZdkXtpALqqCLwmUyEGrhoW8N4aTUFU7Bmfz7MXdKO0BCAtBXCGxcKpWj6aOlMGkFLnW0mquxILk48QzZbs5F_rG_qRD8murGYhd5sCI9TsqhiQo8uMq3yzJRFZ-0rkA5zGeEcI9KZeo_2HE8szKERAIEfyNxhDKIs6SkyBBMb2B8yEs17KFB2OyUpSzM9OvaYfxmfp5FsIfn9rQgMc6z97E5K0hDQS5ucjPHVHS_vdDev0jaAge2hayvd1eLMiaCaPCnlw16v0k6Oi--zVVh8InpFAQMBrt8qQfQlTw6ASrcEO4TF_5WwapspaAzCuWkOTqtKxwqeQdxJTNhhneVY7bqlROmGuSgrnx-ZGnaSZulESHmn3IvrwaHrYJP868E59HMDbGOtTem_9BnlcTn-8yrmeF7I9Gy0A15XYcmC-ILJAKZLzTfVYmmEOevvP2X-hIYf7pVDreEwz9WfS_y-W9VicxUTW0fyPFmcljU5tj4UFMbBGYw7DYVrDquxruLVY5VQfz13EmSzum1zEqX38HVlcByWMFpeIyMEu8jsJrYTxu9NrA-fUAltoFKQMJMl9aaOSdPGItawJ0QEtDm5gGb1Y6i_ytXByKyo9p6YOgZ383I-EacH_Eq4OGQGlIq4fn8XWB0uv2gXTVTdG9_vCHCNy1rOWmmwIgKCdW_oqVs2NreJWosfmlHDqNWtR_HberilBm-ccNlVrOgGgYJay13b-ipmYyGVd1Vtw7kqhvqhTx4k3Bt0pj2cEpOzFEycomBjhPiA8uqEU_ALKEfH9frp_mPvVK72rDN_QIb7wIZZe9En-NyNoFFXloAj5ZCKPiwNgze8sWOyuMkDVudnfglZUf3QGKYX0LL-RezEyKl2xhZT7Fwf8XcYcWbVhlB3u-k9An-B55TZVaGXKCKnQs1YDNI24JqvfsDR6LQxbr-b0zSN73WDzMVKhRDKwQyducAdeSdlE6qPGGRbrf15yp8BB3WFMt7B4us9qJYQ_3iXE-Lg4DHyUSkys8vtI39Tu-yXOTxNhCEBctKNMR3BWwOZox7gdtLixMqdjYx5QDftdd3_xyLT9LGMqZTcj6_CpmVvauaRRIXCjiRnduIP0cwabrp9-S0RNJSCX5mwolaQafw&cid=CAQSOwBpAlJWX1uAjGKyvMorPG_DazRda3xoQHq17N3FkUzB9LfhAhLbspU4WPV8pyIS7HmFYzsT8QElTBCJGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=4840510643516789000&adk=627576174&idt=98&cac=0&dtd=63
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
337209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 393E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:25 GMT
expires
Wed, 30 Aug 2023 01:21:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
pagead2.googlesyndication.com/bg/ Frame F218 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 15:15:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
554751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14677
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 15:15:33 GMT
collect
q.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Wed, 30 Aug 2023 01:21:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame 75B3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 19:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
192365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14795
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 19:55:20 GMT
wmoiqux43uzw
hal9000.redintelligence.net/zone/ Frame 80CB 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1693358484061465&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVrkIlJnuZJngA83o6wSGv6GIBablvaBpvZOcp8kP8C4QASDSzIEaYJUCyAEJqQLsn1KfTUOyPqgDAcgDm4SAgASqBNgBT9AH1Zte45Wi9y58D0GO-227H5TbRqu-X5dsD4LzPlLNV9sjvmA3OOOGbRoj9nBqAErhdsOQTLeA7XQtiUO6mtU8U1DfJ8pb1na2OiRWgx4Qimwo3MP5PqWRl4s25bhFsUZWL_jCYLN9d494RQAMyeG17Zscc4783zHNX_yS6mGwurE7cJsmiszkBPu7xYWGSAK2dbPQH6wfYoCCx9vEBHWtZcFt2gvPNkXJg6mtPCNEzACFbCzdi8ogqjGYLVau1wtGQJjBgDQ5pula7GMDJ9OTE703f4APwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMImfqt95uDgQMVTfSaCh2GXwhREAEYASAAEgIHevD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWX1uAjGKyvMorPG_DazRda3xoQHq17N3FkUzB9LfhAhLbspU4WPV8pyIS7HmFYzsT8QElTBCJGAE%26sig%3DAOD64_3xvyY74vDFigJgmD4Oz4y4kDU5xg%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-DpNbITFTFq8h9rd7UrCgofSvlWvtyDi4LcPrR-PoryoxOmZ-LyHJ5fWLkjN40iCYTAeo7fzWXP2DC8DSx8IMmUk3IYAqpYee2REB4qg5W2ruyeS7xuV3UKMKjsLIWJwYXTvf2iS2aXigEF1DQwj_1zJmHIADHqZ2f3uDKVkOJyphftC-E%26cry%3D1%26dbm_d%3DAKAmf-AA2kFXii1sZxPbPsVgP4YVDwKsQKEOzCkBpauO2XYQoE_K-Jh-nYLvolJB15Xb8FQxRteEcinyvOsb380jjvn3YI6AiQQQD6BaSYFoImt_Cze3-4ovTwrz0j2FKObFxCkDXDynBM_slHhe7ZTfwufRHKmUTd2dpA0kFe8jWNpoEJTL_Boicd-lxSJDEgZ-aEAsj4Vmc5dHG_w1hqmLoyBFqB-6hFC9ty9U87wiHf2BxuyO4IiXrrhCY9hxmwnQXnFN4pIUMhQbW-sObSXXYRFH4LJ3DU0yt5gDTh_eFZXhhO6CiRf7j_rrWWR_-OqPUy9o2AqjxKTVRq5GcgmUSFcY3aLZ6ey9aZKwaKmxMClsAQbinZEIolyuUYf74gxXipRTwP8rLi7X4sp1twG5fW-ngRhiIFBFPCBEQcJSgHSoqMB0gf5RwMsK1Tb3aERBnsYPQohrmK-BuoRkdu1Xr1g1ilu-GWilrQsF0bIweo6sCHde_7azJK2E7TfFUrk6C42IEONJQPVDeunFINfNG6qAZ27wSI1ycU2akMAe-3_PRTEdPDvUmCG9e21MmcrFxv0w--hImV1K-heZPv_nS7tODvf0M08zfj8qJrV6mVX_51pPno5quzw3VOMwer8RCg60UfsI3UPDyYhkhe3lkGv2ebhJeprg7ESHXhK4vzf9X16DimQ%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
fa149d2d5185647fe4ca8848b93deee697484008974d0d7593f05ceaaeb61daa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4262
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 2DD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=2279931510577245&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 87EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=3423301451663690&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame FAB0 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
350182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 00:05:03 GMT
rs
ad4m.at/ Frame 4728 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b7d329c2969ef1811e4813943451dd9e502b57678c12adef6c91bc60621456

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NVu1Jm77n6y5IYR9hwlBIIkizmT2QTOanXFh0MQA4tJZNpln6dK1eHz5BSYSgcts1YMbsek8cXgcg5tVqzBij6lltCA5Z3Ffw%2FjcB2fzo0nl1doG1If0hWNsjT41CDaeVoVTYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cf-ray
7fe93783ef53bb13-MXP
x-backend-server
aa-reachservice-group-europe-west1-b4lk
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.bg3.co
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fe937839f37bb13-MXP
content-length
24
content-type
text/plain
date
Wed, 30 Aug 2023 01:21:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgLz0jSxv7pUPjqMxSBPRmK9eBJm59cQ8EOM4zzJLFsOZwQbst1tKnfkPikSsm8f8H9E2EQpv4RCosPP2pv2hp22Jjx%2BQPNJ%2BlzbVe2Iuw4y%2FwtFx1ODhyZwLoYjDMTdjew3Hd0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-n1s0
adview
googleads.g.doubleclick.net/pagead/ Frame 32FB 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CrrbKk5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoEkwJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmaxY61f_6vKsEDCiCFqCr7hkR53cwHj4O-Nz-mvoMgODeE5qLlHgGoAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMyMTYyMzE5MzU3MTMwMzgYAA&sigh=DLq0VPMJtwU&uach_m=[UACH]&cid=CAQSKQBpAlJWIkZ_ryldFjPTdTH6RuKKPGHuVzHn3M1HhHiBhC_uyTPHD7CNGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 30 Aug 2023 01:21:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 32FB 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kfm0x27bramyydm59084z0hqhr1mawz25bkeagsqfhq77yxgrg2e9q38ycsr2e8k7dn7hvtt4cs4bw2tcyxf0nhej2v4m1rehfmmhrew9861442mh93dzh4g7rhmp5293fjex245vqew3ynjydj6pvtmya92saqy0bghjdavj0h863y9bgbk15kdrsrz4xms3gcd3s80xbyxca3qe3mw7edcd9bskg1e5b4gbcgjzppdmxdrm41estxtsdr8ryfxbkst3cyvsjy5zdvbd42wxexj0z5ne6hy5wfcqpz1mmffmd73v9e2btvs4panhq2cn1s5ghx8bf05zn8awp5te6yhdsah4g0c6vm1tgk8qnv4nsd740m5ttgtr8a5z2ddm9cyj1dykkc152b&b=ZO6ZkwAM1AYKGS0VAAL05u7UM9QKtADx4vnbwg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2852665323357970481&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3323&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=709001778&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&ga_hid=1500233466&dt=1693358483295&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&bdt=1354&dtd=142&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 01:21:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:25 GMT
x-amz-request-id
H94FJWAASNXACN8Y
age
1531
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
8WdH+xczaFe1eqbP6uhBtmeiAXrbpYFeRAWQ5dFgC6C272jCeuos7M3xJKCXQ+u1QBjnGzDHVZQ=
x-served-by
cache-mxp6936-MXP
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1693358485.039523,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
558
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 01:21:25 GMT
x-amz-request-id
A6XD77SS1CMDSM72
age
6827
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
FSxV+8Hpz/6WkleYz3xquIzHKjbgxOmYAfNkOGLdUSjKradKSM07FyoFtz+tnbwAd2b/26VZ5MQ=
x-served-by
cache-mxp6936-MXP
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693358485.039795,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
43
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
469
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame E561 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 19:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
192365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14795
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 19:55:20 GMT
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
content-encoding
gzip
cdn-edgestorageid
860
cdn-storageserver
DE-677
cdn-cachedat
08/17/2023 06:30:53
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
b08f0ad0c9c1911ef02c0e424d625392
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame D30C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 19:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
192365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14795
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 19:55:20 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je38s0&_p=1500233466&cid=1870201937.1693358483&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693358485&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dt=%E7%82%B8%E9%9B%9E%E5%A5%BD%E9%A6%99%EF%BC%81%E5%B0%8F%E5%A7%90%E5%A7%90%E8%82%A9%E8%86%80%E3%80%8C%E5%87%BA%E7%8F%BE%E5%A4%A7%E7%89%9B%E9%A0%AD%E3%80%8D%E3%80%80%E6%8B%89%E6%89%AF%E6%89%8B%E8%87%82%EF%BC%9A%E7%B5%A6%E6%88%91%E5%90%83%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.586.0_en.html
imasdk.googleapis.com/js/core/ Frame 1CAB 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6c84b6607a1fb1669e2110c8f5cb7af35b2f5d6c2aa06ce0a6e9d1be2af99fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
246864
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236436
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 04:47:01 GMT
expires
Mon, 26 Aug 2024 04:47:01 GMT
last-modified
Thu, 24 Aug 2023 15:59:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 01:21:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 04F4 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 00:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 30 Aug 2023 01:52:50 GMT
playlist.m3u8
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/ 		171 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/playlist.m3u8
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
content-encoding
gzip
cdn-edgestorageid
1055
cdn-storageserver
DE-661
cdn-cachedat
08/18/2023 10:37:57
cdn-pullzone
829957
last-modified
Fri, 18 Aug 2023 08:18:43 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
637
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
4dd3c4231900556952365dc311cd7971
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 403F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
240580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rar
as.ad4m.at/ad/ Frame 333A 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c767702346d477daca8c9be65b7fbe6986a8a2dc767e5f7bc34f6e6a9a66bb84
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7fe93784dcd159ef-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:25 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame 99F3 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
619e106a21b76b85b674cddd388ddb72935eee56c2a3037380e6827c257178a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11755
x-xss-protection
0
request_content.php
hal900027.redintelligence.net/ Frame B93D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request_content.php?s=77442200005636504445002012432027&a=f48cb19b
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=118ff2abf7&subid=&uid=1a1ff0ec494852d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJfXXk5nuZL7hAYTB-gaoroa4BKblvaBpnZecp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOcBT9BvsAi9NPZxbVONyB6xysaUwYUUUyDf-kUrgKuKx0Fg-ErAQ5DI2RUwQdqVcWZU7bfs6Vfgw2T51cNm6JN9Sd0AhHUENBkcVukP-AW8vxNUwucOe1KJG5GaHsR0S7ve05Qx2BjK67pt1pkHbOvL02qT14gAdK9U__Jh1D2ugns-eRLruZYzGICTj3W4xj2UtoL_zntmP_yorZblY06MEm0Jz--cwYB5M4yXK66qpYmCYODoDvZfBco3T7guAHI_8qaMp43RlRBvyTLy_US-AuaRkj6f3ZY5pWlhVONxl-UhRwDGBjKmwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI_vbu9puDgQMVhKDeCh0olwFHEAEYASAAEgJ2j_D_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_0V_R20uuJeOGv-xV-k2uQ9Mb-jmA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AQsxYW9n1C1UzW5RfjLGadzuWgRsJonvYnsK9nmF35BuoVR-h3__YKtUWUhYfkIbnf7b1G-qeAjsGQ_2jzq0veGU0vIo7EuYkZHYaJhpw_ikJvPwh7sh4CK7AEnEvfOOZ4PPdaHhRTTg_PTYjIMnyZx25Ul1IYpJlCk4AUDXX9hrpYqe4%26cry%3D1%26dbm_d%3DAKAmf-CA4EP-jyzwqR5ySLVOKDDGvYnjLPkKJuTzXBJSOgZ-kIcF3_0gosDG2gp_EL0yubBdAKXOtjXqOkWcFgV4MmCkVfjjj2wgWtu1RGyG3DSkmT8pCyOXviCDTu0DnYpDVu1FA4nZMs834CTzH9OjrkhY5upo8oL96rPk5l2bjSC_5D8UT4B11IrYwYi6KWB8xSWShPFo8pdZBAQb6iDXHquaT9xCq7GcgD9nnfCXnU9bsnUEOy2jnFtO7lHhhVEizFnbWGLGQDdlUFlNOeyqb8ej1sZU1Aps-LOUMJp855g78DzbYpDmjsFxAVdo0Ul0Qwg7AcIbLKoBbGXsJ1ALYdHtL5K5KffNBXM6uidjaazNO0bSIjc2Mqs5muP20rUf85rUZGXKzc-LtLTDc733KSe3SAxOB28xjUFhPDZfzg8tW9_h1zayZt5hFLDiWgArzD8XRQ3W0sGZQf11L2v1WzYsnayM_xi3gLFdXfbMHgUrgu7lEhqP8C5MiUk_VNjGDMqUzd_rK5mnwIT04NlzaiQ1QB9XMpWHxDtXzpQBuOyGM_TxKJbmjmlYiRtIItjWYHB0dt9ObJM0K7Uoupyhe_8D5GGjUmKzfgoWfgVhP09vrSTIeZnh1etvSXizxxf8nRgn7QPCBjwWBAi5QpZLz-taGRDB62ot7KqUU6xNluy5DYL7r7o%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6880939456663&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
8fd68a54c973ad837724a6048e26edd4619b0f1c1796ef6493593ba1faab4ca6

Request headers

Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2283
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Aug 2023 01:21:25 GMT
Expires
Wed, 30 Aug 2023 02:21:25 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
bfe7b26b-2662-48de-a9fa-944fa9f5cd0a
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/bfe7b26b-2662-48de-a9fa-944fa9f5cd0a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
b1018a14-e586-4c12-8af1-871b6e29ab31
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/b1018a14-e586-4c12-8af1-871b6e29ab31
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
fd7e28d1-5b1e-4e48-ba22-2c4b35e0d10f
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/fd7e28d1-5b1e-4e48-ba22-2c4b35e0d10f
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
request.php
hal900010.redintelligence.net/ Frame 80CB 		613 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=1cd0a1043d&subid=&uid=a80f472092e3ea66&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVrkIlJnuZJngA83o6wSGv6GIBablvaBpvZOcp8kP8C4QASDSzIEaYJUCyAEJqQLsn1KfTUOyPqgDAcgDm4SAgASqBNgBT9AH1Zte45Wi9y58D0GO-227H5TbRqu-X5dsD4LzPlLNV9sjvmA3OOOGbRoj9nBqAErhdsOQTLeA7XQtiUO6mtU8U1DfJ8pb1na2OiRWgx4Qimwo3MP5PqWRl4s25bhFsUZWL_jCYLN9d494RQAMyeG17Zscc4783zHNX_yS6mGwurE7cJsmiszkBPu7xYWGSAK2dbPQH6wfYoCCx9vEBHWtZcFt2gvPNkXJg6mtPCNEzACFbCzdi8ogqjGYLVau1wtGQJjBgDQ5pula7GMDJ9OTE703f4APwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMImfqt95uDgQMVTfSaCh2GXwhREAEYASAAEgIHevD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWX1uAjGKyvMorPG_DazRda3xoQHq17N3FkUzB9LfhAhLbspU4WPV8pyIS7HmFYzsT8QElTBCJGAE%26sig%3DAOD64_3xvyY74vDFigJgmD4Oz4y4kDU5xg%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-DpNbITFTFq8h9rd7UrCgofSvlWvtyDi4LcPrR-PoryoxOmZ-LyHJ5fWLkjN40iCYTAeo7fzWXP2DC8DSx8IMmUk3IYAqpYee2REB4qg5W2ruyeS7xuV3UKMKjsLIWJwYXTvf2iS2aXigEF1DQwj_1zJmHIADHqZ2f3uDKVkOJyphftC-E%26cry%3D1%26dbm_d%3DAKAmf-AA2kFXii1sZxPbPsVgP4YVDwKsQKEOzCkBpauO2XYQoE_K-Jh-nYLvolJB15Xb8FQxRteEcinyvOsb380jjvn3YI6AiQQQD6BaSYFoImt_Cze3-4ovTwrz0j2FKObFxCkDXDynBM_slHhe7ZTfwufRHKmUTd2dpA0kFe8jWNpoEJTL_Boicd-lxSJDEgZ-aEAsj4Vmc5dHG_w1hqmLoyBFqB-6hFC9ty9U87wiHf2BxuyO4IiXrrhCY9hxmwnQXnFN4pIUMhQbW-sObSXXYRFH4LJ3DU0yt5gDTh_eFZXhhO6CiRf7j_rrWWR_-OqPUy9o2AqjxKTVRq5GcgmUSFcY3aLZ6ey9aZKwaKmxMClsAQbinZEIolyuUYf74gxXipRTwP8rLi7X4sp1twG5fW-ngRhiIFBFPCBEQcJSgHSoqMB0gf5RwMsK1Tb3aERBnsYPQohrmK-BuoRkdu1Xr1g1ilu-GWilrQsF0bIweo6sCHde_7azJK2E7TfFUrk6C42IEONJQPVDeunFINfNG6qAZ27wSI1ycU2akMAe-3_PRTEdPDvUmCG9e21MmcrFxv0w--hImV1K-heZPv_nS7tODvf0M08zfj8qJrV6mVX_51pPno5quzw3VOMwer8RCg60UfsI3UPDyYhkhe3lkGv2ebhJeprg7ESHXhK4vzf9X16DimQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=3579881579689&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1693358484061465&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVrkIlJnuZJngA83o6wSGv6GIBablvaBpvZOcp8kP8C4QASDSzIEaYJUCyAEJqQLsn1KfTUOyPqgDAcgDm4SAgASqBNgBT9AH1Zte45Wi9y58D0GO-227H5TbRqu-X5dsD4LzPlLNV9sjvmA3OOOGbRoj9nBqAErhdsOQTLeA7XQtiUO6mtU8U1DfJ8pb1na2OiRWgx4Qimwo3MP5PqWRl4s25bhFsUZWL_jCYLN9d494RQAMyeG17Zscc4783zHNX_yS6mGwurE7cJsmiszkBPu7xYWGSAK2dbPQH6wfYoCCx9vEBHWtZcFt2gvPNkXJg6mtPCNEzACFbCzdi8ogqjGYLVau1wtGQJjBgDQ5pula7GMDJ9OTE703f4APwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMImfqt95uDgQMVTfSaCh2GXwhREAEYASAAEgIHevD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWX1uAjGKyvMorPG_DazRda3xoQHq17N3FkUzB9LfhAhLbspU4WPV8pyIS7HmFYzsT8QElTBCJGAE%26sig%3DAOD64_3xvyY74vDFigJgmD4Oz4y4kDU5xg%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-DpNbITFTFq8h9rd7UrCgofSvlWvtyDi4LcPrR-PoryoxOmZ-LyHJ5fWLkjN40iCYTAeo7fzWXP2DC8DSx8IMmUk3IYAqpYee2REB4qg5W2ruyeS7xuV3UKMKjsLIWJwYXTvf2iS2aXigEF1DQwj_1zJmHIADHqZ2f3uDKVkOJyphftC-E%26cry%3D1%26dbm_d%3DAKAmf-AA2kFXii1sZxPbPsVgP4YVDwKsQKEOzCkBpauO2XYQoE_K-Jh-nYLvolJB15Xb8FQxRteEcinyvOsb380jjvn3YI6AiQQQD6BaSYFoImt_Cze3-4ovTwrz0j2FKObFxCkDXDynBM_slHhe7ZTfwufRHKmUTd2dpA0kFe8jWNpoEJTL_Boicd-lxSJDEgZ-aEAsj4Vmc5dHG_w1hqmLoyBFqB-6hFC9ty9U87wiHf2BxuyO4IiXrrhCY9hxmwnQXnFN4pIUMhQbW-sObSXXYRFH4LJ3DU0yt5gDTh_eFZXhhO6CiRf7j_rrWWR_-OqPUy9o2AqjxKTVRq5GcgmUSFcY3aLZ6ey9aZKwaKmxMClsAQbinZEIolyuUYf74gxXipRTwP8rLi7X4sp1twG5fW-ngRhiIFBFPCBEQcJSgHSoqMB0gf5RwMsK1Tb3aERBnsYPQohrmK-BuoRkdu1Xr1g1ilu-GWilrQsF0bIweo6sCHde_7azJK2E7TfFUrk6C42IEONJQPVDeunFINfNG6qAZ27wSI1ycU2akMAe-3_PRTEdPDvUmCG9e21MmcrFxv0w--hImV1K-heZPv_nS7tODvf0M08zfj8qJrV6mVX_51pPno5quzw3VOMwer8RCg60UfsI3UPDyYhkhe3lkGv2ebhJeprg7ESHXhK4vzf9X16DimQ%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
dfc7cf5eea93bbaa650c1d3f916621d49318f41bcc4f9568c1dd10ffb09c3f1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
31922200007015704444994012432010
Connection
close
Content-Length
330
Expires
Wed, 30 Aug 2023 02:21:25 +0200
request_content.php
hal90002.redintelligence.net/ Frame 4991 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request_content.php?s=99267200007424204444982012432002&a=6e744d5e
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=4144e94b79&subid=&uid=156519bba037fe33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGUHbk5nuZL3hAYTB-gaoroa4BKblvaBp_ZCcp8kP8C4QASC6hMAzYJUCyAEJqQIhXsNpQECyPqgDAcgDmwSqBOUBT9BDINRxbYeFiExI7SxDifdWZy-PPgZvgGyQh0xBBZ5BhksdJvG4d_WSzRQh8cGNWw3CGLlblrwQbzZPBOMBj2RZsHX9nzGXHFW5M0ubPvjJRw4xB_hpRMSAfFPeIfgThczbPP9-ZEN4Q4qlTZmALRRUzAJfnIUq9mSJ1yZMCVQNpj_dzHYWZUqeiGLTyaYFgxYdyF1qjPhiQqhlRVxzl3MdtV71VzFeXHq-DAHP_1W9pojE36ZLj7YmLcExOJRg2F0B6aULZ2dvw7foG2JbupK8xhJY5CbhEno8JCYjgK3GN5nCKcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI_fbu9puDgQMVhKDeCh0olwFHEAEYASAAEgKbSvD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB%26sig%3DAOD64_3qBjmdcJrcv07nHHU2D3ocFSg0Bg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CAlBPxsCJ7Kdq3tU_AEhHpd49lhcfITQkQy4poSwwlBP1CRxnCowCUUI1fs9J14-FgUAUbHNZr8mjWhMkX2Z5PZxWZrrgZxG7WHt5rsI8rugTqDd0qDFxviFW1b8nOSsp7nrPlweA8Qj5qE347FKq_zT575dVweRDZEGGaoMaT8Iz2JoA%26cry%3D1%26dbm_d%3DAKAmf-DCzz0H0pjgmy7ngHZCsoSWHI2fDb3H_UqQ4mt0WdAqz9ziQI0gzrjeQCGxKY2akV_EeYxXwW47kEWP7vYXo1Yvg42Im0QXTAKUjnPU1H0gIPNRVmAyERNlRm6eXharkMkA-tUBjXHoozz7zY1CiQb8Krtud1eB9E4VlGpOO-scLDkw7UyKzWLKbULtyu24QjJFacrNOfD65_JdHiHoNAXSM1fY23mACZEP4_LTD2OQTo5FUR8PiQDfytBxgaeIRso7i9HiBqeVvf8LhCz7TRCIapasfjW7-xWRg6nXEkWh1-X-ZnfK3nahxm7gAfO-EPRrC1xJYuIcmb08isfswieArXcd0ZDLLSKI595UPeX6u0THW6rSY5SIvJgIFCaqi4cnt1No0e42o_76z_Tkth1-2wBhp6tJ3bV_-GEvJwLHb-F8XHQhn2vewHtO2si1OesJp6BJIdhocI7lgTh0AjEl2OCaUFeevS9_xiobX9gh83OpP84TgllV9P_La1EO_4szw2nMRlx-zUaCqgqFLmysJSdtk9lgrdl7Khug1LGt94rL9VBr4uBr-1a4yKqQXqCkahVPfDR6IUVk1aSdnNkqm2GnJYy7A5Kd1ppZ1R7pAKOxCeL6-8Zsbtlm89GLKEFwjnnR3Q43Orpep8ZjLwgSphKjeQBvqfYrTzMK_qRwGjCKoyY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7558562466495&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
2367fafbf4a3a3182e6ca0c4b1a76b3fe078e5f80bc34e9d62f19f999fd5e0ba

Request headers

Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1410
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Aug 2023 01:21:25 GMT
Expires
Wed, 30 Aug 2023 02:21:25 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6972-MXP
date
Wed, 30 Aug 2023 01:21:25 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame B9A1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351284&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483291&bpp=440&bdt=671&idt=787&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=1&ga_vid=1930005420.1693358484&ga_sid=1693358484&ga_hid=394706282&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3637166096&scr_x=0&scr_y=0&eid=44798879%2C44759875%2C44759926%2C44759837%2C44798934%2C31076998&oid=2&pvsid=1084659188754477&tmod=1700580836&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.om6dmuaj93it&fsb=1&dtd=804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 19:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
192365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14795
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 19:55:20 GMT
truncated
/ Frame 4467 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f719a3fcbffd039a404cbde23d8bd3767c04bb0201efb8923217ddb8fcb166ce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 333A 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
569295
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gp4716%2FSRlQW2Y2vuOQK%2BrmFTcDpmJATkzaWaQmLaRB2TogBB1cNjxcaknRcvX23%2BDzMCvZHbscVExXpvpnwzRkZe8VZmWYQfI1ZRJo%2BAK9WS8pi%2FuSeWvvSnMN3mZNemfgeAPCSD8M%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7fe937864d6259ef-MXP
expires
Wed, 30 Aug 2023 02:21:25 GMT
F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
assets.ad4m.at/logo/ Frame 333A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
881917
cf-polished
origFmt=png, origSize=14365
alt-svc
h3=":443"; ma=86400
content-length
10826
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:11:42 GMT
server
cloudflare
etag
"9bf9c6b0623b3198e5f2a1630ee7175c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vk5Y%2F0NV4IWVCapBDZvw8kcReBr353uOoWrjVyI3YlvwCo%2B%2FqF35PPu4r9sAgKUBaJrww3CAOraXGlI%2FtuI%2B118%2BiqSAIYxWvJcUxrKXcCKX3RtEybkw16wgGn6WxL1YXyqAeVCksTioUCaZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe937865c890dc5-MXP
expires
Thu, 31 Aug 2023 01:21:25 GMT
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame 333A 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e0b652db045d1d748da7caa5b9d6e7950a78bfe9883c1a56ab7a4f52fdb3ddb

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1507335
cf-polished
origSize=17719, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
16782
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Oct 2019 13:02:31 GMT
server
cloudflare
etag
"27a67b486c4e661d3a1c0664a26b354c"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yh8oCsou04hKVi6xJlHLem2And%2BbJpS3SOs82QlMu7afXmREkLF%2F9nWEJ35YdDLFplhVXewXfU%2Fv5Q%2BDkac1UJLWrzAUm8NcxXi6gRs73EmkzOi0JUV%2FhkXZUbgR2koFcIkyYC0gjujWbciN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe937878de559ef-MXP
expires
Thu, 31 Aug 2023 01:21:25 GMT
ztpv.php
www.conrad.ch/ Frame 333A
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtXoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?awc=11467_412871_1693358485_89c580d0-46d3-11ee-b5a9-2261897cac57&insert=AW&gdpr=0&gdpr_consent=
0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.ch/ztpv.php?awc=11467_412871_1693358485_89c580d0-46d3-11ee-b5a9-2261897cac57&insert=AW&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:bbe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
7fe9378b09740200-ZRH
content-length
0
expires
-1

Redirect headers

Date
Wed, 30 Aug 2023 01:21:25 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?awc=11467_412871_1693358485_89c580d0-46d3-11ee-b5a9-2261897cac57&insert=AW&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
assets.ad4m.at/logo/ Frame 333A 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5b11a8ed95cc5ef94a4a6fe4d32f704dfeca16300ca4c67cdcffaa01aa2481

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
cf-cache-status
HIT
age
1325854
cf-polished
origSize=48887, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
43327
cf-bgj
imgq:85,h2pri
last-modified
Mon, 19 Oct 2020 12:32:26 GMT
server
cloudflare
etag
"4fe1ecb98ff38283cdb2ae157e399ba2"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe937878de659ef-MXP
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 31 Aug 2023 01:21:25 GMT
C6655378DD4DD4484E0F91CFB00808CD053F0B114F670EB06F0F85DC7D0ABB72D1A2474F0A0A641A3939DFD98BEF59A13757BB188DC9EDBA8F6DDC5DBDFF4440
assets.ad4m.at/product_image/ Frame 333A 		406 KB
407 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/C6655378DD4DD4484E0F91CFB00808CD053F0B114F670EB06F0F85DC7D0ABB72D1A2474F0A0A641A3939DFD98BEF59A13757BB188DC9EDBA8F6DDC5DBDFF4440
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c298ca8a0be65070ec8180b9dd3f2c4f5d68568458e8ded370ba0bb70bb57471

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1664619
cf-polished
origFmt=png, origSize=584282
alt-svc
h3=":443"; ma=86400
content-length
416202
cf-bgj
imgq:85,h2pri
last-modified
Fri, 24 Feb 2023 12:29:07 GMT
server
cloudflare
etag
"869e4b487b9efafcba199a39d21c706e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D%2BszqNCwHSgjC3bJxoQo%2FGpYyCpsQ9tRd%2BRKxiJhHeG9mDLcarRroTcNZDapHNq53TEgPcFsLPEjLvGUIE%2BkfBaWYklWyoffec3Y370jFcxB2Xk0gJWoyH%2BwUgDkdRkr%2BEcr9KR8Feq5KPD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe937878de759ef-MXP
expires
Thu, 31 Aug 2023 01:21:25 GMT
5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
assets.ad4m.at/logo/ Frame 333A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
341899
cf-polished
origFmt=png, origSize=10671
alt-svc
h3=":443"; ma=86400
content-length
2788
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 10:08:34 GMT
server
cloudflare
etag
"9acf9d00a48a7f6dbfd2227b1e5270f4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCOtm%2Bv8sZJoPGloSokc9mPAS5aKv7PQMP3SsUezdQIx1h%2FE1bECah9QMO%2B3iMLsB1%2BgYZSkQaQeyN40sMlGJdEqDrR5Rjd8Wn%2BYgsoLzLzCLjjK%2BYG12JVW8Ion1nktKBpb5hrekTJTpp%2BH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe937878de859ef-MXP
expires
Thu, 31 Aug 2023 01:21:25 GMT
83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
assets.ad4m.at/ Frame 333A 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283537
cf-polished
origFmt=png, origSize=161182
alt-svc
h3=":443"; ma=86400
content-length
97668
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 10:16:07 GMT
server
cloudflare
etag
"51d64cff249103fb8a1f53706965d58f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FIoxrxID6eFjvvVJF5OCIFIdthzvYiw%2B6VTmXwXDrSO8pz02P2ndJRS%2B%2FuvqnpFOouDIFh%2FUcJLikFb4FC4NsP13MxyaDg2WWN1Rh2KwdrXGCC%2BMAUbglHI00u%2FQXEZIVNCwgTxHCjzPD3u"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe937878de959ef-MXP
expires
Thu, 31 Aug 2023 01:21:25 GMT
cshow.php
www.awin1.com/ Frame 333A 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:25 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
video.m3u8
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video.m3u8
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
e4612453ee1173a62d2c517be3b9a8f79de7f91e219909cc72b4f165bf2e1e96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
content-encoding
gzip
cdn-edgestorageid
1055
cdn-storageserver
DE-664
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
646
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
8a05e3214422e493f0b1866cb3165363
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 99F3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 01:21:25 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame B93D 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=77442200005636504445002012432027&a=f48cb19b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 12:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 12:20:42 GMT
S-970x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame B93D 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-970x90.gif
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=77442200005636504445002012432027&a=f48cb19b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:25 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:53 GMT
Server
nginx
ETag
"5b55f219-5fce"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
24526
truncated
/ Frame E3E7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af08bb25994f97593cccb40c520270051b68a8057743dde9e787606defa2a4af

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=b73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
no-store
server
nginx
S-300x75.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 4991 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x75.gif
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=99267200007424204444982012432002&a=6e744d5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:25 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:52 GMT
Server
nginx
ETag
"5b55f218-2f74"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
12148
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 01:21:25 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame EC63 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtljXN-10sXnDTmX2bVO2hZOC6rxRQz9hhV1rwude5K2kzNhN3i7uxNre2ojXbadAimBlNFqWkjZkptw3bm7Hvr
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130379
last-modified
Wed, 23 Aug 2023 20:53:33 GMT
server
UploadServer
etag
"25aee45ea3338112064b801c98043832"
vary
Accept-Encoding
x-goog-generation
1692824013316426
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130379
accept-ranges
bytes
expires
Wed, 30 Aug 2023 01:31:25 GMT
request_content.php
hal900010.redintelligence.net/ Frame F1B1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=31922200007015704444994012432010&a=b00ace23
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=1cd0a1043d&subid=&uid=a80f472092e3ea66&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVrkIlJnuZJngA83o6wSGv6GIBablvaBpvZOcp8kP8C4QASDSzIEaYJUCyAEJqQLsn1KfTUOyPqgDAcgDm4SAgASqBNgBT9AH1Zte45Wi9y58D0GO-227H5TbRqu-X5dsD4LzPlLNV9sjvmA3OOOGbRoj9nBqAErhdsOQTLeA7XQtiUO6mtU8U1DfJ8pb1na2OiRWgx4Qimwo3MP5PqWRl4s25bhFsUZWL_jCYLN9d494RQAMyeG17Zscc4783zHNX_yS6mGwurE7cJsmiszkBPu7xYWGSAK2dbPQH6wfYoCCx9vEBHWtZcFt2gvPNkXJg6mtPCNEzACFbCzdi8ogqjGYLVau1wtGQJjBgDQ5pula7GMDJ9OTE703f4APwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMImfqt95uDgQMVTfSaCh2GXwhREAEYASAAEgIHevD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJWX1uAjGKyvMorPG_DazRda3xoQHq17N3FkUzB9LfhAhLbspU4WPV8pyIS7HmFYzsT8QElTBCJGAE%26sig%3DAOD64_3xvyY74vDFigJgmD4Oz4y4kDU5xg%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-DpNbITFTFq8h9rd7UrCgofSvlWvtyDi4LcPrR-PoryoxOmZ-LyHJ5fWLkjN40iCYTAeo7fzWXP2DC8DSx8IMmUk3IYAqpYee2REB4qg5W2ruyeS7xuV3UKMKjsLIWJwYXTvf2iS2aXigEF1DQwj_1zJmHIADHqZ2f3uDKVkOJyphftC-E%26cry%3D1%26dbm_d%3DAKAmf-AA2kFXii1sZxPbPsVgP4YVDwKsQKEOzCkBpauO2XYQoE_K-Jh-nYLvolJB15Xb8FQxRteEcinyvOsb380jjvn3YI6AiQQQD6BaSYFoImt_Cze3-4ovTwrz0j2FKObFxCkDXDynBM_slHhe7ZTfwufRHKmUTd2dpA0kFe8jWNpoEJTL_Boicd-lxSJDEgZ-aEAsj4Vmc5dHG_w1hqmLoyBFqB-6hFC9ty9U87wiHf2BxuyO4IiXrrhCY9hxmwnQXnFN4pIUMhQbW-sObSXXYRFH4LJ3DU0yt5gDTh_eFZXhhO6CiRf7j_rrWWR_-OqPUy9o2AqjxKTVRq5GcgmUSFcY3aLZ6ey9aZKwaKmxMClsAQbinZEIolyuUYf74gxXipRTwP8rLi7X4sp1twG5fW-ngRhiIFBFPCBEQcJSgHSoqMB0gf5RwMsK1Tb3aERBnsYPQohrmK-BuoRkdu1Xr1g1ilu-GWilrQsF0bIweo6sCHde_7azJK2E7TfFUrk6C42IEONJQPVDeunFINfNG6qAZ27wSI1ycU2akMAe-3_PRTEdPDvUmCG9e21MmcrFxv0w--hImV1K-heZPv_nS7tODvf0M08zfj8qJrV6mVX_51pPno5quzw3VOMwer8RCg60UfsI3UPDyYhkhe3lkGv2ebhJeprg7ESHXhK4vzf9X16DimQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=3579881579689&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5202e7926abdc854caa5ea2f0f89a8729072668e545c5f37a6b446dcec769241

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1413
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Aug 2023 01:21:25 GMT
Expires
Wed, 30 Aug 2023 02:21:25 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
viewability
hal90002.redintelligence.net/ Frame 4991 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=99267200007424204444982012432002&a=fe48aa7d&vb=m
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=99267200007424204444982012432002&a=6e744d5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=99267200007424204444982012432002&a=6e744d5e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:25 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 4991 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
link.html
track.webgains.com/ Frame 333A 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3400961&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmf44w5z7d69n3rezxrwmc8ae67bg2keyg7dpsf01knfk21kcnxy6tk86znq71n6dd65bnhtn7e5n690zyzt7mvrr8des60spvzkm59mx8zgetpwqw6ae8ksgjdzqdky8fsqpmn2gfdzqpp9emayjfstkz2kx74bk7jw0rh8cqwp78rr2b6nex19hzv0dqtjnn5t3h9f7yd90hz74xdp28jnvm4jkk2kabtb35rx4tabsxz4dqrqeg726vq4xgs%26a%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%25253Fsa%25253DL%252526ai%25253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%252526ae%25253D1%252526gclid%25253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%252526num%25253D1%252526cid%25253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%252526sig%25253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%252526client%25253Dca-pub-5722610347565274%252526dbm_c%25253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%252526cry%25253D1%252526dbm_d%25253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%252526adurl%25253D&clickref=oneidJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtXoneid__dbm_Awin_Reach02&viewref=oneidprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaEoneid__dbm_Awin_Reach02
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200038%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaE%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtX%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=af672aa875b901cb271b5ebf2131176c%2F1624113414517554670&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693358485127&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%2526sig%253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%2526cry%253D1%2526dbm_d%253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.22.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:25 GMT
server
awselb/2.0
content-length
45
content-type
text/html
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
pagead2.googlesyndication.com/bg/ Frame 403F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 15:15:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
554752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14677
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 15:15:33 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F0B9 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
50846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 30 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 80CB 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94ac9df91fde5d952c06fdf8ebaf86268f991a3dbfff8d73e4ca41dc66262de3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rs
ad4m.at/ Frame 4C87 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9008446b3f71fdeccc804952a46704e20da795249456593df1c2403fceee93e

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y23WFvlwtaKEDmtrVgeQAj4XW1w9wFLQSgB7vwL%2Bccqg1o6DakTVIOVCq8S0Sz6pDZIXleCeEsW3uixR00zichyKPKW5g27YKDfPufECF8Gw1iu8gDrhD4cH5G6ibk2V7AXQIOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7fe93789ca0dbb13-MXP
x-backend-server
aa-reachservice-group-europe-west1-b4lk
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fe9378979ecbb13-MXP
content-length
24
content-type
text/plain
date
Wed, 30 Aug 2023 01:21:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uihnDoYjghDnJuV6G%2FnworqpcQSKoiBst42SzAy65niH2ClUc78Ta2XuxRxTZJYjaKvxJ%2BXcBZDrmbHh4N3mjuCTlQQflYbIm29EHnoa8HE2DXO1pPkTxdKwG5zTvPzQ8pwRmnk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-b4lk
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BB1B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
12761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 21:48:45 GMT
expires
Wed, 28 Aug 2024 21:48:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EEA5 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
10bd7a4efca8b85f4a2e4b1a7df190893da804abd93321d7b0500e7877488acd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DiIAAcpkTE3ACAkw_GYp6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-DiIAAcpkTE3ACAkw_GYp6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:26 GMT
expires
Wed, 30 Aug 2023 01:21:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
video0.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		310 KB
311 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video0.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
bd09c8a7b93803aa5920748a2f7b9dbfeac2c74bcff72e52f72c7c9abfab7534

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
content-length
317720
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
636
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
e84bce3b24b0c0c0c304977ae57f7391
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
viewability
hal900027.redintelligence.net/ Frame B93D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/viewability?s=77442200005636504445002012432027&a=e9ce35d0&vb=m
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=77442200005636504445002012432027&a=f48cb19b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900027.redintelligence.net/request_content.php?s=77442200005636504445002012432027&a=f48cb19b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame B93D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame F1B1 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=31922200007015704444994012432010&a=b00ace23
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:26 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:51 GMT
Server
nginx
ETag
"5b55f217-1348d"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
78989
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 30 Aug 2023 01:21:26 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
243498
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
223279
expires
0
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
45d5024badc735b0a3c222ae690abceb93624509591f80755d30461c92cf7600

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 29 Sep 2023 01:21:26 GMT
isyn
prebid.a-mo.net/ Frame 0ED1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 30 Aug 2023 01:21:25 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync.html
public.servenobid.com/ Frame 8733 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
49000
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 29 Aug 2023 11:44:47 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-id
KO6FOJFHrpBJaG4ZhNITxY3vWaGYQ51wpTatuIWVZWYUxqy48WvWhA==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 6442 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1693358482734
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame F93D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Aug 2023 01:21:26 GMT
ETag
"623de86a-cf34"
Expires
Thu, 31 Aug 2023 01:21:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CCA6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 01:21:26 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 947D 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 30 Aug 2023 01:21:26 GMT
/
csync.smilewanted.com/ Frame 9833 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fe9378b1e3059e9-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:26 GMT
server
cloudflare
vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame AB20 		504 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1ea777d335b848ca3e04313fa53fffc5b226802fef61a4d2f19c111abb81a6b2

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
322
content-type
text/html
date
Wed, 30 Aug 2023 01:21:26 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame EA3F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
278
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7fe9378b0b4401fc-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:26 GMT
expires
Wed, 30 Aug 2023 05:21:26 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 27D0 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
79766b10dc3f6078cf469d910eee2d04c183fac5df15f34f6bdbc3e0fd94c350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=122181
content-encoding
gzip
content-length
8473
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:26 GMT
expires
Thu, 31 Aug 2023 11:17:47 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 01:21:26 GMT
rar
as.ad4m.at/ad/ Frame 1AE9 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d3493dd28b3c0a908e30fa8e7aa3c98ba561837321b63038374ca17bd65dcb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jgvw9p13k5gvcq8q76dgn2076mns0hpqngn735vm9h5znge5cdew47rw0feh6bseam2f8ygcjr6cewzhtv5geq8ft6gm3hcg53h6kqs67y2ema6x0mdsbjb953hcs1pectez2632b8t2dp87tq5nbkfmjvc98z1e9h0z026smktb5qws35dmnzzp5s74jtjthdpe30e49dsg587rx9enc3py6bwa8vzm2zav2fgk1bvwkszvhpa4yxw8svppp1f4n4t3htp4vg7hm13th7ajev213dahz5wq69ym9azjh707zzb6ahypja4ew0zmb00fhxdcmz8mnbdxrf36brv1e5kjr8ejpc54etj40a4t9rs5dvpwdbk056vkkg8w2bkx1qrmx8mwnn7vppwbd0tjcmtjd1jp2p4gaahzvxpg5tj7vsjap4kdqm086anxjha8s4wv48t03ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%26client%3Dca-pub-3216231935713038%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7fe9378b7f7459ef-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:26 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
viewability
hal900010.redintelligence.net/ Frame F1B1 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=31922200007015704444994012432010&a=6f428faa&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=31922200007015704444994012432010&a=b00ace23
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=31922200007015704444994012432010&a=b00ace23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame F1B1 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame CCA6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
19ca7fd01ac3b9345ac5d2d90e34cea22ddf2d5d8756ba3b054d96726db22405

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 15:52:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52225
Connection
keep-alive
Content-Length
10117
Expires
Wed, 30 Aug 2023 15:51:51 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693358486488&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1544&pt=-1959458682&tz=120&viewable=true&ddast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1c2c94f60fa3f03bde04bec658114dbca00259bcb8ab5a4c32205d1296e726f4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 30 Aug 2023 01:21:26 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1446
x-cache
MISS
x-served-by
cache-mxp6936-MXP
pragma
no-cache
server
nginx
x-timer
S1693358486.495597,VS0,VE52
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AB20
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=7221a60a3350172a&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIg52L8bm5kgMSINUiAAAAAAA&expiration=1693444886&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIg52L8bm5kgMSINUiAAAAAAA&expiration=1693444886&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIg52L8bm5kgMSINUiAAAAAAA&expiration=1693444886&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
dds
rtb.openx.net/sync/ Frame AB20
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=wnW-WCUrwAcys_bHd_JezA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
89e45220-1c01-eb60-e510-ac855bbca93f
pr-bh.ybp.yahoo.com/sync/openx/ Frame AB20 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/89e45220-1c01-eb60-e510-ac855bbca93f?gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:2dd:853d:91ea:688e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame AB20
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=83223b3d94594f1292edf253045c7afd&ssp=openx&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&consent=&gdpr_pd=&expires=7
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame AB20
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=gYY10mNslvInZx0lhCEs&pi=openx&gdpr=0&tc=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=gYY10mNslvInZx0lhCEs&pi=openx&gdpr=0&tc=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=gYY10mNslvInZx0lhCEs&pi=openx&gdpr=0&tc=1
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT, Wed, 30 Aug 2023 01:21:26 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AB20
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ueUHZrboWzGitQEzt-FPM7vkUzqi4VBh7ulCzesD
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ueUHZrboWzGitQEzt-FPM7vkUzqi4VBh7ulCzesD
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ueUHZrboWzGitQEzt-FPM7vkUzqi4VBh7ulCzesD
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FAB0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBWvc9VLcnJ3QYbCz0a6XHc4-91lBuQK1b2CjPpMKwl4qmaF-60LfJI2s3kp4kIDZ2Lr017wteY8CY-oB2SuYgpAJMeTVGxRmOQSikIEo2Dfa_07iPPsR3Te8oaXJhxMtr4LqTyOADJ-7V&sai=AMfl-YTEbTTSiZc2sMgeJfGateUf4rXVFCKRU4BV2Rgh3QsdEpBJmiAaBtLITqduQP3dhEDwWlKGJF-obJvqF2h-3N7BP4_dzVHkA0moASyW3FiYb4x6cHzH8rXgNJg&sig=Cg0ArKJSzDV8pioOwmwEEAE&cid=CAQSOwBpAlJWvy1p5t44n0LxdrXDiB-pYnhrIpRnldv6QV94Zf64EnWBcdaikYZTqCl0zqzwhMzM2LTAsOTtGAE&id=lidar2&mcvt=1228&p=0,0,280,336&mtos=1228,1228,1228,1228,1228&tos=1228,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693358484097&rpt=1162&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 1AE9 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
569296
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eN%2BEJ%2BY%2F4YEUhKTILS2BUswD2e0Jtaaec%2FpTPkQkTpnxBU3Omdcd2BZncw5eEMuCqbX3CKjOeFLASke4YCPQj4JEfAQsUIJulfli581pFKb%2F%2B6lI4OIVRwSzSes45dibuCjmbWzeVCM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7fe9378d084659ef-MXP
expires
Wed, 30 Aug 2023 02:21:26 GMT
807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame 1AE9 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1916042
cf-polished
origFmt=png, origSize=11357
alt-svc
h3=":443"; ma=86400
content-length
5848
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Jun 2023 08:41:46 GMT
server
cloudflare
etag
"ccfbd2e3feb27487a1f6d1f6b03866aa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsjTy9XpV7pk7AVDL3lQHgzukIm76BPXZyG3rSqu8nVI2hZut3HoqIcYLAWhWC5vDU9305TWTehAT0Bzoe3X%2FsssQ%2B%2Fafr8ktjWLe2XBskZQdJ8nBtPo2ktgj2RRZRkUuykBoT1BLgYwQI29"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe9378d084759ef-MXP
expires
Thu, 31 Aug 2023 01:21:26 GMT
2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame 1AE9 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
479251
cf-polished
origFmt=png, origSize=289744
alt-svc
h3=":443"; ma=86400
content-length
187558
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Jun 2023 11:11:49 GMT
server
cloudflare
etag
"17decb4f4cab809ec8159433a7f13627"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5bKQ%2Bg%2BvuDx%2FUYZbAHx7AffjYU4IbyrwQNfZpkxQrGQa48759h4y2p5A%2FqPog38BSqKw242MYh8sLgjGiLSoSZSMxGBVHg3JuU5D5f%2BnXdP0KTTQhV03TpfidENJ2DTxFIEm0Rrtpi5RVKz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe9378e18a059ef-MXP
expires
Thu, 31 Aug 2023 01:21:26 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 1AE9 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1570532
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MWu0g%2BPvOH6eI62V%2BkCvwio6g4AjpiDE7hJpOPRDDl6RpffSZ9mYuVeriz3kg4S5PSMc%2FXe39djoSxKWWUyqUAaSSRLzVzkFO1ibfK3s5q0MsfCF6kx3w0kX8edgX2w3WyrbMkENnumsHnb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe9378e18a159ef-MXP
expires
Thu, 31 Aug 2023 01:21:26 GMT
174251C99ECC2611CFF55CE4288DE127D854C48538EE2AA035DC71D2C7BEC4F59C31F29ED29F51E69EF40ACCC55F35F1D2437F91A0872484CD0B2C130103C9FC
assets.ad4m.at/ Frame 1AE9 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/174251C99ECC2611CFF55CE4288DE127D854C48538EE2AA035DC71D2C7BEC4F59C31F29ED29F51E69EF40ACCC55F35F1D2437F91A0872484CD0B2C130103C9FC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2466477387e94dbde262c0c56612fe6ef46ec109b8d0d4069484a6f9ade247

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2530193
cf-polished
origFmt=png, origSize=168649
alt-svc
h3=":443"; ma=86400
content-length
105332
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 May 2023 13:20:49 GMT
server
cloudflare
etag
"ac48b4403a35b54196486b0c2a925ee3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvh%2FugdG%2FqRLILY9B0jN97NXLZWnJcm1PpXi8E8z%2B76klVn0V9Xst34xwFaWMcCQONlV0QCQg6w1JwNs6rldfeoGxszFMqJ%2B0565RDOVDvIxZv9TYsdZkgfqoiHM79RCZYXKLfER8l%2FX2SX%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe9378e18a259ef-MXP
expires
Thu, 31 Aug 2023 01:21:26 GMT
/
partner.o2online.de/a/ Frame 1AE9
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLmi1vibg4EDFeyR_QcdgcUHgA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083003212788403301953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suit...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083003212788403301953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023083003212788403301953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:27 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083003212788403301953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023083003212788403301953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
date
Wed, 30 Aug 2023 01:21:27 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 1AE9 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d1764b929a95aad8c00aa782bf66c9ab265c40e5ff9ff6fc4226f0af7a94a1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1788337
cf-polished
origSize=62828, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
54937
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTCDpCPOLvvG1qoSQir9QK6p%2BuEqL59DpSNsMmWxEShaSIHNE7woM%2FBm9XjLTxG3p%2BVg%2FDmjnVzTKvan10wnEPZq%2BxIdy5cr0%2B4zscgInEbCnyiJ5VKN5Jgzdsm4aUS2NvSHyknlP5wGhSsL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe9378e18a359ef-MXP
expires
Thu, 31 Aug 2023 01:21:26 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 1AE9 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1397380
cf-polished
degrade=85, origSize=133780, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
38661
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PodvVHRxvnNs3m5LLA8d%2BJk1fOF%2BL6fIuhp0lH5dhD8ySSdHvtiMgzm6PV4g4t0ioLnUG%2FN4TfdsubKd7k%2FH5YQg4IhAE1pX4gfXkDAy5v%2Fp2XtqUYE7y%2FnBi3kYkiA%2FHruSA4N1hKpy%2BjwM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe9378e18a459ef-MXP
expires
Thu, 31 Aug 2023 01:21:26 GMT
cshow.php
www.awin1.com/ Frame 1AE9 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:26 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
truncated
/ Frame EC63 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gov.aniview.com/api/adserver/tag/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.bg3.co&AV_GDPR=1&AV_CONSENT=&AV_CCPA=1---&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=645c834590f2c48ad908f465&AV_CHANNELID=6469fbec71f13c58010ba477&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.bg3.co&AV_DADPOS=1&AV_GPID=/645c834590f2c48ad908f465/6469fbec71f13c58010ba477/www.bg3.co&d36=6.2.121&responsive=1&sver=4&avtoken=486574&omv=1.0.1&clsid=8596eb09-1325-429d-a3e3-ffb1feebb5bd&rando=21&AV_WIDTH=700&AV_HEIGHT=393&AV_DNT=0&cb=1693358486577&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.106.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-106-164.compute-1.amazonaws.com
Software
/
Resource Hash
250b791fe66012163be6d435c2521821d4d00d7da87210030c69abc8eaf29027

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Fri, 18 Aug 2023 11:34:47 GMT
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.bg3.co&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.121&apppkg=&fv=1&proto=https&clsid=8596eb09-1325-429d-a3e3-ffb1feebb5bd&rando=21&pid=645c834590f2c48ad908f465&cid=6469fbec71f13c58010ba477&stagid=&stplid=&e=inventory&vi=0&cb=1693358486576
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame F0B9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP_q6z9bZzJySBZkdJvzz2E&google_cver=1&google_push=AXcoOmRme21LrZbP7T8_9NK0rjr0AZ7Q_gTpAhUk7nhVyqn4wgc_tJ0w3OB_as1xa0JihwIjLPd4ksZ0ty45voIM...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRme21LrZbP7T8_9NK0rjr0AZ7Q_gTpAhUk7nhVyqn4wgc_tJ0w3OB_as1xa0JihwIjLPd4ksZ0ty45voIMrmeD3kFoou_g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRme21LrZbP7T8_9NK0rjr0AZ7Q_gTpAhUk7nhVyqn4wgc_tJ0w3OB_as1xa0JihwIjLPd4ksZ0ty45voIMrmeD3kFoou_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 30 Aug 2023 01:21:26 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x1 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRme21LrZbP7T8_9NK0rjr0AZ7Q_gTpAhUk7nhVyqn4wgc_tJ0w3OB_as1xa0JihwIjLPd4ksZ0ty45voIMrmeD3kFoou_g
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 30 Aug 2023 01:21:25 GMT
pixel
cm.g.doubleclick.net/ Frame F0B9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEOKx-Swc3XdugfhLHGvfpgY&google_cver=1&google_push=AXcoOmSWRs2WW5UHrcw1hMNChlV0qA7uWnuNDNnTwGS_0wH4b6j62rxtRDneM7_f7w93YerVKOwF9aMj5kUgGzfYBlK4B_3hueAmSw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0197E0FE5B9F4CF0AF00A0E1A4D91CFE&google_push=AXcoOmSWRs2WW5UHrcw1hMNChlV0qA7uWnuNDNnTwGS_0wH4b6j62rxtRDneM7_f7w93YerVKOwF9aMj5kUgGzf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0197E0FE5B9F4CF0AF00A0E1A4D91CFE&google_push=AXcoOmSWRs2WW5UHrcw1hMNChlV0qA7uWnuNDNnTwGS_0wH4b6j62rxtRDneM7_f7w93YerVKOwF9aMj5kUgGzfYBlK4B_3hueAmSw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0197E0FE5B9F4CF0AF00A0E1A4D91CFE&google_push=AXcoOmSWRs2WW5UHrcw1hMNChlV0qA7uWnuNDNnTwGS_0wH4b6j62rxtRDneM7_f7w93YerVKOwF9aMj5kUgGzfYBlK4B_3hueAmSw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 29 Aug 2023 01:21:26 GMT
pixel
cm.g.doubleclick.net/ Frame F0B9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN95FU9nop2TI6W0f2VxLPo&google_cver=1&google_push=AXcoOmSVwI5rbrmrdBt_YVEyFTt_gtzuyrv4aJj_QaMJqFANQxupWB_6E8c_lBS1y43M-XRd6f_Vl7trjakz26...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkxOTMxMzQ3OTg5MTEwMg%3D%3D&google_push=AXcoOmSVwI5rbrmrdBt_YVEyFTt_gtzuyrv4aJj_QaMJqFANQxupWB_6E8c_lBS1y43M-XRd6f_Vl7trjakz26qfHF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkxOTMxMzQ3OTg5MTEwMg%3D%3D&google_push=AXcoOmSVwI5rbrmrdBt_YVEyFTt_gtzuyrv4aJj_QaMJqFANQxupWB_6E8c_lBS1y43M-XRd6f_Vl7trjakz26qfHFcNBvzFMp5t0g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkxOTMxMzQ3OTg5MTEwMg%3D%3D&google_push=AXcoOmSVwI5rbrmrdBt_YVEyFTt_gtzuyrv4aJj_QaMJqFANQxupWB_6E8c_lBS1y43M-XRd6f_Vl7trjakz26qfHFcNBvzFMp5t0g
Date
Wed, 30 Aug 2023 01:21:26 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame F0B9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDj76ZP2GcGrlcrouTwblOI&google_cver=1&google_push=AXcoOmRuptfdIEXYj67xTrTshdxJt-zFLzZaUAG_GM3apfI92o8me-pnxh53B_lg21QDcNNFFdXbtw3PUUlA8L_zHnP2...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d9985359-ad17-446e-ab5e-a0d38c866935&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRuptfdIEXYj67xTrTshdxJt-zFLzZaUAG_GM3apfI92o8me-pnxh53B_lg21QDcNNFFdXbtw3PUUlA8L_zHnP2cq83xmBjSQ&google_hm=_ZxpUiZ-R3Od_W3n0xmVIA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRuptfdIEXYj67xTrTshdxJt-zFLzZaUAG_GM3apfI92o8me-pnxh53B_lg21QDcNNFFdXbtw3PUUlA8L_zHnP2cq83xmBjSQ&google_hm=_ZxpUiZ-R3Od_W3n0xmVIA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRuptfdIEXYj67xTrTshdxJt-zFLzZaUAG_GM3apfI92o8me-pnxh53B_lg21QDcNNFFdXbtw3PUUlA8L_zHnP2cq83xmBjSQ&google_hm=_ZxpUiZ-R3Od_W3n0xmVIA==
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame F0B9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTQV2...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-kCH9E9JAq9eNTr6o39pVdEy4WCj5Dt9UkX-YDQ&google_push=AXcoOmTQV2e8YvEDE5RhF_NZZnH5gGrjoKftrwNndXZE8t6qqzcQ5KYtflQO30WaDsvsMTVKscb_1P3iQZBg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-kCH9E9JAq9eNTr6o39pVdEy4WCj5Dt9UkX-YDQ&google_push=AXcoOmTQV2e8YvEDE5RhF_NZZnH5gGrjoKftrwNndXZE8t6qqzcQ5KYtflQO30WaDsvsMTVKscb_1P3iQZBgSB4ZBXEaDjC_dal8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-kCH9E9JAq9eNTr6o39pVdEy4WCj5Dt9UkX-YDQ&google_push=AXcoOmTQV2e8YvEDE5RhF_NZZnH5gGrjoKftrwNndXZE8t6qqzcQ5KYtflQO30WaDsvsMTVKscb_1P3iQZBgSB4ZBXEaDjC_dal8
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
643232
content-length
0
expires
Wed, 30 Aug 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F0B9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JX8t1If9EZe8sZ9ofSofDIVKNQzUmRbis1g2AR5vLCFh6rQZ6ovUS0PcU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693351283&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693358483255&bpp=405&bdt=614&idt=723&shv=r20230828&mjsv=m202308240101&ptt=5&saldr=sd&cookie=ID%3D7933eb30c2d8f12e%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbApyPaXtAcWyKOZPRTFUpoNJJsbw&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&correlator=6778101003551&frm=23&ife=1&pv=2&ga_vid=448424990.1693358484&ga_sid=1693358484&ga_hid=1924307505&ga_fc=0&ga_cid=amp-K7TurNvsnEUkvxtHg09MBQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2172&biw=1600&bih=1200&isw=336&ish=280&ifk=2231387374&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077328%2C42531706%2C21065724&oid=2&pvsid=848690160865409&tmod=1792512408&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n2dom0z1dmc7&btvi=1&fsb=1&dtd=744
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usermatch
ssum-sec.casalemedia.com/ Frame 7B8C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b5b78f1ac222305bed0580fe20b7a706b0203728a21ecaea79a8e9e3c0b012c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7fe9378d7a6f01db-ZRH
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 01:21:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNd7fZR7Tyjp0PHqR5NXZxygsseUkGabeP4BEQd0aPjygkXJZK%2B7hpaJDeVwYIV1vM%2BciyoI1tiPwBrelg39vOET0B6z9ZazyW%2BaZ44tf029TGcfkXYFjb3CrjcHiKYxS%2BvQGITSov7brA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 4467 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUhD__jpeUECaTplDEN85zp-deIQt94hdcM7Kwhw4z4H2kBbes5fXhquoU_GvqdP8tMGICD2JzE6N_0P-fJGkDHyAIrrLvtbLVEUQS3ggIT68ik_aDd_RFHevc1Abkybs&sai=AMfl-YRWAJrmjtNxWbabQRosgnUVpTbj0ZNpbd4eeX2x4YPAxTP7OI8wSBpy2Agtn9ErTPfqhqgHthi3Ry_jm5x8cJwO0yrBMvNOGC2iNdwmggy-E5qsRGspd0p0ItrkqTnW9wPkuFeZ5Bnyxn85&sig=Cg0ArKJSzAvmABZW5k36EAE&cid=CAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB&id=lidar2&mcvt=1144&p=1110,315,1200,1285&mtos=1144,1144,1144,1144,1144&tos=1144,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693358483615&rpt=1849&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 972B 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.254.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-254-183.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
618dd33f26b4b7d3e53febd902ad19a26126d7bddcb3922b39383f744f63ff86

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 30 Aug 2023 01:21:26 GMT
etag
W/"071a5846e1253ad47549565ff190aaf5f"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame C1A2 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 1B89 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.108 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b41024ecc81fbdd5097419fd7d66554b16de976cdd0ca8def653fa6f6753ac02

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
1128
content-type
text/html
date
Wed, 30 Aug 2023 01:21:26 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E6C7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770771d80263e4685321b0a06439115c430c8e287cedcdfef6db1ded24bd864b

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7fe9378deaa101db-ZRH
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 01:21:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssNIHb%2F4e%2B5Tw7%2FS3OFq0Z%2BznSJ3BmSm4qGGdfQpe7Im%2FhWwkKgekhKxXAOyoJltlwDy2PXMLRnjEBmQg2NkXMIRtkE3udNS0NEbR8KpYzf39ubE9HPAkrF0gIKl7ztKICVgffG0kKZReA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EDBC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 01:21:26 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 30 Aug 2023 01:21:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCDC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=93653
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 30 Aug 2023 01:21:26 GMT
expires
Thu, 31 Aug 2023 03:22:19 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame D318 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
dc87ba247e5444027479aca672e4d5c0e51f956ffd68343ff750f1022ab31a8e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Wed, 30 Aug 2023 01:21:26 GMT
server
istio-envoy
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-id
rHe4aMyoE1QMZ9ngsT095AcXM1PzfZ_zKq-vtsH0s6Qo9Pnqd0OCVQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
user-sync
sync.adkernel.com/ Frame 8DAA 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Wed, 30 Aug 2023 01:21:26 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame AC52 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.194.237.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-237-52.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
bdc19dbf866429b51a2601251df71c118fb4f38f40332f56f8a26cff41da01e1

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Wed, 30 Aug 2023 01:21:26 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4853856628407888645
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4853856628407888645
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
an-x-request-uuid
393ff676-4c69-4478-a49f-e9db306cb1a4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=4853856628407888645
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HPBxtRZHIDXCHu_cRruJxKnT
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HPBxtRZHIDXCHu_cRruJxKnT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HPBxtRZHIDXCHu_cRruJxKnT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 8733 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 01:21:26 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1693358486785
  • https://ad.turn.com/r/cs?pid=45&rndcb=2978263750
  • https://sync.1rx.io/usersync/turn/3630025452598104057?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7d39f28a-f76f-4b31-a862-b1662b604886-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7d39f28a-f76f-4b31-a862-b1662b604886-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-7d39f28a-f76f-4b31-a862-b1662b604886-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-7d39f28a-f76f-4b31-a862-b1662b604886-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-7d39f28a-f76f-4b31-a862-b1662b604886-003
date
Wed, 30 Aug 2023 01:21:27 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7d39f28af76f4b31a862b1662b604886003
content-type
text/html
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5142336724966456893
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5142336724966456893
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5142336724966456893
Date
Wed, 30 Aug 2023 01:21:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=59bdb483-cf2b-461e-b031-e5e10ecc29dc
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=59bdb483-cf2b-461e-b031-e5e10ecc29dc
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-226
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=59bdb483-cf2b-461e-b031-e5e10ecc29dc
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 8733
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-5e23333f-ebe6-35a1-aa82-3cb42190cc12&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-5e23333f-ebe6-35a1-aa82-3cb42190cc12&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS01ZTIzMzMzZi1lYmU2LTM1YTEtYWE4Mi0zY2I0MjE5MGNjMTIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01ZTIzMzMzZi1lYmU2LTM1YTEtYWE4Mi0zY2I0MjE5MGNjMTIyAgwYOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-5e23333f-ebe6-35a1-aa82-3cb42190cc12&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS01ZTIzMzMzZi1lYmU2LTM1YTEtYWE4Mi0zY2I0MjE5MGNjMTIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01ZTIzMzMzZi1lYmU2LTM1YTEtYWE4Mi0zY2I0MjE5MGNjMTIyAgwYOAE=
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 8733 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.69.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-69-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 30 Aug 2023 01:21:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 30 Aug 2023 01:21:26 GMT
sync
ads.servenobid.com/ Frame 8733
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
  • https://ads.servenobid.com/sync?pid=328&uid=4c628fb3-b9fc-443e-af94-33892914ad6c
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=4c628fb3-b9fc-443e-af94-33892914ad6c
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=4c628fb3-b9fc-443e-af94-33892914ad6c
Date
Wed, 30 Aug 2023 01:21:27 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
async_usersync
ib.adnxs.com/ Frame F93D 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
an-x-request-uuid
0d0fdf07-2775-4449-a9c2-03165eef3747
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E561 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?xg9hOw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E3E7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYvBDiPe_qJafwFjaqgCPN3s_c3pZlfo4a8Dm9Y1SnRBoR_DU2AqaT-aayGWDG6futZMkxmnTj3QE2cTZ5kcxDivTQ2GltxuZSIKZXfpGoeQnfXGgNIr5egdEDcjv9BYs&sai=AMfl-YQAR-eq7m_RVC85fWOV6jpGJnFgYaOM4GRt2bQqduDo_08_Ccbpij82eEhx8tSJPistP14fayEB8DJCAEry-Iuz9-SgHJvjrhDf8tTPrwFs0d2uJyOQrEzBBQzncBVqsj3wBtrhzU6Iwktk&sig=Cg0ArKJSzBAXflvcEIe1EAE&cid=CAQSSwBpAlJWjVEMPG-CZSsF3vGb98JQf8ob35zJDhOGfFshVf4guAg3ZVtCKRDlHqNYLgtZVohBFkAvnKEVnZRpfS68nb_Ytwmq4VjT-BgB&id=lidar2&mcvt=1125&p=60,295,135,595&mtos=1125,1125,1125,1125,1125&tos=1125,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693358483607&rpt=2030&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7B8C 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:2dd:853d:91ea:688e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 7B8C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6945519203272921081
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6945519203272921081
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMg%2FPE0sIgQC75lQpWRm%2BOJatwBird0WnWU5xATV4yS3e2WZle60jJSCD5x3kX%2B5b5Vgy4b6Ll4S7RgUV1mxPd5xNgHNKiulutMmxQIROjZpf6PNI5bzZB%2B19%2B9gULCtVfULIbPoaRKTtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe9378fab8001db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6945519203272921081
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
user-registering
ads.stickyadstv.com/ Frame 7B8C 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-158.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1693358486675063-576
Expires
Wed, 30 Aug 2023 01:21:26 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 7B8C 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.165.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-165-174.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 7B8C 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.91.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-91-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
rum
dsum-sec.casalemedia.com/ Frame 7B8C
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=81e6062d-beb8-ecd6-9bbe4b9c
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=81e6062d-beb8-ecd6-9bbe4b9c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUrn99U5XyMW5m50kbCJE0RaOHZsfwB3%2BElJhYxGQwLPz26jWAVgCQw1mwtuWFnb6va6fi3%2BtXwTbFIuLxBTtf8Q2cDhusYNkCGqBjyYPv%2FrR6XYcVpDjwA4pKEZif64jYnIyIzG1NPnKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe937902bef01db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 30 Aug 2023 01:21:26 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=81e6062d-beb8-ecd6-9bbe4b9c
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
ium
ssum-sec.casalemedia.com/ Frame 7B8C
Redirect Chain
  • https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D
  • https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0ea866kdiceebhhi98ldd7cecg7eeefigiaabackkc2jl
0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0ea866kdiceebhhi98ldd7cecg7eeefigiaabackkc2jl
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWPQ5FolRgUNjT39m3eC2BG9H9X4bgBBD6pjAQ4ghCnYCYPBmVKPlIbiuaxKi2nZZbYwZQh4iYk%2BOLYziTX1rajd6t5Pcxma0lxm8usUdVZUFuFDADg7RPhah%2BTAJTWPViUcm9bXD6ftlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
cf-ray
7fe937911d2001db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Wed, 30 Aug 2023 01:21:27 GMT

Redirect headers

location
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0ea866kdiceebhhi98ldd7cecg7eeefigiaabackkc2jl
date
Wed, 30 Aug 2023 01:21:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7fe9378f4de4bae8-MXP
content-type
text/html; charset=utf-8
casale
match.adsrvr.org/track/cmf/ Frame 7B8C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7B8C 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZO6Zk-k6rGJK08KKXgKetwAA%265275
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
11995
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fe9378f3ee323f7-ZRH
content-length
43
expires
Thu, 31 Aug 2023 01:21:26 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 9833 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
472857
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7fe9378e8fdd59e9-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EEA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=1084659188754477&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame E6C7
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2e56ab9d118c241c&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIOsjnu-fa2QMqvbuxAAAAAAA&expiration=1693444886&is_secure=true
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIOsjnu-fa2QMqvbuxAAAAAAA&expiration=1693444886&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIOsjnu-fa2QMqvbuxAAAAAAA&expiration=1693444886&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame E6C7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7276866640929803979&expiration=1694568086
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7276866640929803979&expiration=1694568086
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1FBzyvrw3s5CO2NbA1wEIphBw3RPREVQ%2FlSIBbl7JxAYDpTd9EKbsZYOf5Jw9Z2SuX5iIneuDisLVU9Bdb7ervzcYT%2Fd454XmImqZ7TGIqhBuNGHviSeTZKxdY0K6Zq0nBs4B3XkLllZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe9378f5b5101db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7276866640929803979&expiration=1694568086
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame E6C7
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709256087&external_user_id=c9fccd07-dd99-47a7-8d8b-5922dbe35aa3
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709256087&external_user_id=c9fccd07-dd99-47a7-8d8b-5922dbe35aa3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ts0lu0MXEWD7xFk153Re3qYXWB5m2jBkKm9rf0xfveu2pE7WFafjcw%2FTngUonG%2BqTTXDDn1XwCnSMRyUCTMoZmS2XiwjMqp8uAFpP9HR8ZaYRlf5w19i%2FfluKHktEPgONwjVsXzDNIoqVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe93790fd0001db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 30 Aug 2023 01:21:27 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709256087&external_user_id=c9fccd07-dd99-47a7-8d8b-5922dbe35aa3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame E6C7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=7dtyf-LWLij2i3Qq4986Ku_aJiP23yV4utdql7r8
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=7dtyf-LWLij2i3Qq4986Ku_aJiP23yV4utdql7r8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32RJiFzk6H%2BCVYHZslA86GGUDCRILWhA8sq4HuAyeUU%2BnhIz7phGlCd0lZI%2F%2FwbQ1JdYTp911zwMay2HQtpiHGSQR1h2kuuxvCc%2B7xW6z8PK4rL2oJQEN4OVLALLameLpvXFsILLWsA2Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe9378fab8101db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=7dtyf-LWLij2i3Qq4986Ku_aJiP23yV4utdql7r8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E6C7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3630025452598104057
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3630025452598104057
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uw3RdOIWnIkJvex8p5ysL5%2Fsw%2F1AkuyPM%2Fdw%2BKaL422%2BQr88LEC06C91wQWVBEfCgyPplglFhTAvKSc%2BpzSrkqyLfH16qCMh4iuzu8SVEx8rzQnh5F%2B5s1FOYSO6a7g0UVyGwt7r%2F%2BRXQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fe9378fdba501db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3630025452598104057
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame E6C7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4853856628407888645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4853856628407888645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
an-x-request-uuid
a352ae23-3507-4f79-ab8a-12977e7a486d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4853856628407888645
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame E6C7 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-158.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1693358486743045-561
Expires
Wed, 30 Aug 2023 01:21:26 GMT
casale
match.adsrvr.org/track/cmf/ Frame E6C7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
ads.servenobid.com/ Frame E6C7 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
link.html
track.webgains.com/ Frame 1AE9 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hf1znambe6r8p8ab2znk8j38jhpxmv5x72te35r178zhzb56sk0874fyz0vk539ajas7gat8b2xcem7cxk2jnjazvhey7g4whyq15ztxhe9z4e9bf09tt25g79tyn8pm2457528nk77pwky96d54086ncbpmb6q0w1bya4pm2mvhta7cwfnxjgxbg0kyajj2df0tczkn1th7xrbp9gxcrw6m3m3ddnqqajv36fes43y7mya4f6vzx9j233v79wd6j90%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%252526client%25253Dca-pub-3216231935713038%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d5ff64c682704ee84b21d7d0a26b151f%2F6310840116423024949&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693358486073&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%2526client%253Dca-pub-3216231935713038%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.22.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
server
awselb/2.0
content-length
45
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame EDBC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
19ca7fd01ac3b9345ac5d2d90e34cea22ddf2d5d8756ba3b054d96726db22405

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 15:52:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52225
Connection
keep-alive
Content-Length
10117
Expires
Wed, 30 Aug 2023 15:51:51 GMT
generate_204
tpc.googlesyndication.com/ Frame D30C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6agtyg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame D318
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZO6Zk-k6rGJK08KKXgKetwAA%265275
0
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZO6Zk-k6rGJK08KKXgKetwAA%265275
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21476'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSuAhdCovYlbRS0K0BF9ugXNwcKc1DnH6nSwRY01oqG9HpEJuSIGdYw4TGi%2B%2Fk7clh19ve5Ujh8A%2B%2Btzoi6SyILq0ChvyvXSRYRN%2BHeRGMYJfVDdC7dtexyhDHfLcRrmuMizYqbM1lqhpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZO6Zk-k6rGJK08KKXgKetwAA%265275
cache-control
no-cache
cf-ray
7fe9378f3b3401db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame D318
Redirect Chain
  • https://b1sync.zemanta.com/usersync/minutemedia/?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=&ismms2s=1&gdpr=0
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=&ismms2s=1&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21515'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=&ismms2s=1&gdpr=0
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
103
Content-Type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame D318
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
match
ads.betweendigital.com/ Frame D318 		0
0
cs
cs.minutemedia-prebid.com/ Frame D318
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1847ad660-f33f-467d-ac5f-a387e4e8ee93
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1847ad660-f33f-467d-ac5f-a387e4e8ee93
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21477'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Wed, 30 Aug 2023 01:21:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1847ad660-f33f-467d-ac5f-a387e4e8ee93
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame D318
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=b194e8a6da97957492dbdd42b6f58015&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=b194e8a6da97957492dbdd42b6f58015&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=b194e8a6da97957492dbdd42b6f58015&ismms2s=1
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame D318
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=0&gdpr_consent=%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=1423789398647959843&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=1423789398647959843&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=1423789398647959843&gdpr=0&gdpr_consent=
date
Wed, 30 Aug 2023 01:21:26 GMT
content-length
0
minute_media
cs.admanmedia.com/sync/ Frame D318 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/minute_media?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
cs
cs.minutemedia-prebid.com/ Frame D318
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1022224445056970700251&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1022224445056970700251&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1022224445056970700251&ismms2s=1
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
ap.lijit.com/ Frame D318 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 01:21:26 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Pug
simage2.pubmatic.com/AdServer/ Frame D318
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1&rdf=1
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f6452273-e691-43e2-ad05-62a81736963e&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&gdpr_consent=&gdpr_pd=
1 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame D318
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=ZtbkD4oV96sj&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=ZtbkD4oV96sj&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=ZtbkD4oV96sj&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-gnn4h
expires
-1
sync
ads.servenobid.com/ Frame D318 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=MraIUYM-kp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame BB1B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 19:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
192366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14795
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 19:55:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 75B3 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BchnslJnuZJyfCIyNrASp4rVAAAAAADgB4AQC&bg=!6Oul66TNAAYkVgHwBFY7ADQBe5WfOOz7UTe542aYYj4-zSujNkZF2x5m3FTehY46Z3l6IgRNYcACCqZdytOkE37DzxTuAgAABghSAAAACWgBB5kC_PNhKOKabU744YD2TxwGSusNXFj-3i6yVRGKuWpKC0hqExje2DqAP2kTL5dr-m7uk3NFUiRIV1r88boUfF6bncqb25BTIQOE0AiLPOdQ-NBfrN8C9EtKOQitW5VxC-_wfFrGB189rhcWE08ObVm8otOxnGjXwU88ekqpjVKL_p0aqTYLp5RNDY2X7calJdN6T74XOKVzeJ1pScQW6jQALIDc3OZcgIzRVAad3UKfwFHw_Tks0wWCeOX12FFZZ-1rTLhuPblexuE2qEugl-EeI7Nq2ZmQxQgUMPTMVkSRhmG9pKsG2wDeb9mgIsMgQKZ0BQkwMvc0Ri7V8JW5x4cYVhbR2usLYcDWohpkdhwLNU4JPkaNSn_K8u0GMxpLdUSDP9tVoPJdWZvy7gY1RIbuO_0nanxJ35-5wP-RZe_ZVdJnoDx1mtJ3FULDluiREY4JJHJMip5EEAuk5naTktlzXwDdCRGXJKOwLEY2RxgWndJh53La6PoBkSMSPh-O1ZrCm_Sa33ZXFXws8T6xcpnNQsWQqnXMytYi3HyTLVNV4mkFJDAQjiJnRDTiE7wZCd8qsMrz4pwshGVSzBHxtWaWh7qzOBExW9lM3rv_t4ljexHt01e4z8Lv4U567tvqlOq_973ZCSL3qaivF0Q4_oUIsuKF6K84YgGtnUF4LdKEYEULLSWobhDF226DnQIKzI_e4O6eSh1l-I7XAdyrCh-yG25nGz83IHVzqXCZoo0Q9VVTUh6C1tXQo5AhFE0T3vVxZqclAAhcMj5q598Qs92Oqi8ZNOcSXtxZKjWS6qht6-TuYUp466qZxSJMMhPB7CXJGRhvcoK85ju_Cz3kePWXZZpucO54SnWOQ4PVDzi5Cctn7CxaGcZsevuVRufFJf8Tud9EfozDRoFeP2BsAsi2CGranKJVlBUL1JcSBS5NPIzHvGak9UhR2sJWp8YFzsHJpbtUJwKS4--2Xe82fDOEjSAB0r6fYZNqzG3l__R7uC-lzVnsCzfg7CVM-wsR
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4853856628407888645
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4853856628407888645
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
an-x-request-uuid
477b480e-c82a-4305-a4c6-083373a8d739
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4853856628407888645
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d50d3990-135f-4223-9df7-303347650d3d&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=03cbe419-5a10-4f08-a3f1-4e1e40391e96&ssp=gumgum2&bsw_param=fd9c6952-267e-4773-9dfd-6de7d3199520
  • https://usersync.gumgum.com/usersync?b=bsw&i=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&us_privacy=
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame 972B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28hsRhzCqqAsB9hDkCiM57Sumk6uQz2z7CQhyzfjMgzo2K9FgfsMlJAdKNjTfaIEVV%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_d50d3990-135f-4223-9df7-303347650d3d&obuid=ENC(hsRhzCqqAsB9hDkCiM57Sumk6uQz2z7CQhyzfjMgzo2K9FgfsMlJAdKNjTfaIEVV...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
no-cache
X-TraceId
e04d645c1b4ab9a89bfd0a7b6d2716a9
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Wed, 30 Aug 2023 01:21:27 GMT
X-TraceId
6ac37dc3e50ea56192dee4822fc697a0
Content-Length
0
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=ea1e9014-a4b8-417f-b3bc-aa9d6cbb6530
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=ea1e9014-a4b8-417f-b3bc-aa9d6cbb6530
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 30 Aug 2023 01:21:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=ea1e9014-a4b8-417f-b3bc-aa9d6cbb6530
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-94e41786-cd1c-5cdc-78a6-d1239c7086bd$ip$176.10.107.238
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-94e41786-cd1c-5cdc-78a6-d1239c7086bd$ip$176.10.107.238
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-94e41786-cd1c-5cdc-78a6-d1239c7086bd$ip$176.10.107.238
Date
Wed, 30 Aug 2023 01:21:27 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-8B7uexFE2pdQ3W_L7K06GaY09rTQCpQbefFl~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-8B7uexFE2pdQ3W_L7K06GaY09rTQCpQbefFl~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 30 Aug 2023 01:21:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-8B7uexFE2pdQ3W_L7K06GaY09rTQCpQbefFl~A
content-length
0
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=18a86487-cb20-4b9c-96c6-7f1a42396f8a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=18a86487-cb20-4b9c-96c6-7f1a42396f8a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=18a86487-cb20-4b9c-96c6-7f1a42396f8a
Date
Wed, 30 Aug 2023 01:21:27 GMT
Connection
keep-alive
X-CI-RTID
1c68323d-d3dd-45c6-90d4-ee5b0c39570f
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 972B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d50d3990-135f-4223-9df7-303347650d3d&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=fraC2Db-pFpi0kttCvnU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZTSMFBTERDCFVYEM4DJGBVXI5CDOZXFK...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=fraC2Db-pFpi0kttCvnU&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=fraC2Db-pFpi0kttCvnU&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=fraC2Db-pFpi0kttCvnU&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=d6655485-fa8d-4675-9833-12b7fb188aa2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=d6655485-fa8d-4675-9833-12b7fb188aa2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=d6655485-fa8d-4675-9833-12b7fb188aa2
access-control-allow-origin
*
date
Wed, 30 Aug 2023 01:21:27 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=8MO6e4Qn8OT3&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=8MO6e4Qn8OT3&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=8MO6e4Qn8OT3&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-n9phv
expires
-1
usersync
usersync.gumgum.com/ Frame 972B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1423789398647959843
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1423789398647959843
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1423789398647959843
date
Wed, 30 Aug 2023 01:21:26 GMT
content-length
0
sync
ads.servenobid.com/ Frame 972B 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_d50d3990-135f-4223-9df7-303347650d3d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6760 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b778d1d3a9293d8413b4dd9ad71488a1a4027335ca431ac6da49f6ff7fdcb108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11843
x-xss-protection
0
video1.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		396 KB
397 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video1.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
9c54bf6ab1af08f7f512d67d17c99c32dd9bddc19421c9a7e672b2a22ffe5ed1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:26 GMT
cdn-edgestorageid
1079
cdn-storageserver
DE-677
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
content-length
405516
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
637
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
18ae471a909341ef21ca3690a96f5189
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame F218 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVyWVk5nuZNKgOJiZrATUh4b4AgAAAAA4AeAEAg&bg=!ra6lruHNAAbGwlhq5sI7ADQBe5WfOI6th_xwipLi6dvtYC1NCpEA6TrMo4lStL7qrQmhmsTZsEBS5xg2_tjHBxygm0ogAgAABn1SAAAAB2gBBwoAbS8ib1Hhqyb9L7gVEmYsMuO7PGbp3zRtIn4-hjHVUDepdpCG4mONyRLOdhctYswBtjdE0p2DNJCUy4HqwqrrzveNFdDclrbeOR15gXOnbVEdzk2pWVFpe2X9AZp2mBa1kIBQfdT1YS7--Z0rwsSZAsVW0rzHPaljh9LMXkJx-u8yeAfvcab5IGdTeXVnFMIxwXGwUucnuRaFqErGa0EDzy9LK4TQD282UqDB2bg2s9ZyuFEeKbTedRTE2LOziHncLUdyOcEiXL4CBFivszS6aigI53bRJbxlaUV9DLDS_a07fhapXOmXvRPa8Ex-KHhRthUK5xz7kbiiRN4nK6IarugbWklfHXpN2aPEwmsJtNC1t1AgU5Wqn3nvA33u9YtFw92wPP75_I-pbF8z5rkdXRO5X76Y_Wuamn7B6issUUbni9mkVNZ8QqKhgUFfb4ZLadyabJJPfx7_o5h9f14z--mCs13ziIxHawl1D3JGJUYwkD-ZA5nHNhQEY3sInistyHcm6XundmvoeQ-nlUtdUkujBhydfe_fXdtU9CyUFcG9HETRKqwmO_TWIUgkuYrD_Yhm7i6CcHNpLuVj7d9O-kStdOirAHWu0CnCdPS9x1SAn44NUtl_dfYrvkHxjmiavZw0XpO9CbSxmcCfqS6Obq8wM8-sAohBQE9dSFdpr-wDsH4ckLLzdlA2i2m-D6I1cv22JwkfCDbgkGByXwVHqB3fGGG-_KCs8ivd3dVCyZ5LIsh6MBfs2W0uI5L9vhfp0xFhHrcZhGyhOFVGdleljf_g1JvXHGbZSA0hsK1g-AeygjUe9_GzPrmcMmL4lcRMKTPPSSm-DEAEG2eSPRZeCV70ijzxd6OOsgmUqBq3ArVVu7QaMLFYXnLjkUcNbKhg6wcm9VrDktRYi_vRnR3WmvTl7ZwZoot7Y8ZmOyywBBEeSMFzyNAoVtqXRtroMxgRsH-i8wBgegx0-1jRXxCPZZFXjtv4bIYdjAaVmWPVNDIzdFxCYMsmWLtIJhftMAbLy5xiCzbDo0RgzzMofNCrDEfnMSjU2ErVI1NZixH5G4hsBWmyd09p3_W4mEGpwzMXHLb1JlS4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90002.redintelligence.net/ Frame 4991 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=99267200007424204444982012432002&a=fe48aa7d&vb=v
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=99267200007424204444982012432002&a=6e744d5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=99267200007424204444982012432002&a=6e744d5e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:27 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
onetag-sys.com/usync/ Frame F27C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame D32E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 01:21:27 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 30 Aug 2023 01:21:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame FCDC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42809129&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
81d44e431c189b87a663cd27e8c7233a90f103873e0152ad9daad5a48272173e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame EDBC
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LLX1X3HM-1Y-4NY6
  • https://ads.servenobid.com/sync?pid=323&uid=LLX1X3HM-1Y-4NY6
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LLX1X3HM-1Y-4NY6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LLX1X3HM-1Y-4NY6
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
usersync
usersync.gumgum.com/ Frame EFB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZO6ZlAAMXlM9EQA_&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZO6ZlAAMXlM9EQA_&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 30 Aug 2023 01:21:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 30 Aug 2023 01:21:27 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZO6ZlAAMXlM9EQA_&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mxp6967-MXP
x-timer
S1693358487.010610,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4C5D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kNTBkMzk5MC0xMzVmLTQyMjMtOWRmNy0zMDMzNDc2NTBkM2Q=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 03F6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=93652
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 30 Aug 2023 01:21:27 GMT
expires
Thu, 31 Aug 2023 03:22:19 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame EDEA 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 30 Aug 2023 01:21:27 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 2969
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZO6Zl8Co5ssAAHoOgbMAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZO6Zl8Co5ssAAHoOgbMAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 30 Aug 2023 01:21:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Aug 2023 01:21:29 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZO6Zl8Co5ssAAHoOgbMAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1693
X-SO-Cluster-ID
0
X-SO-HostName
m-ad431.dc4p.scaleout.jp
X-SO-IP
176.10.107.238
X-SO-Key
ZO6Zl8Co5ssAAHoOgbMAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"176.10.107.238","key":"ZO6Zl8Co5ssAAHoOgbMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad431"}
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad431
gumgum
cs.admanmedia.com/sync/ Frame 5FC0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_d50d3990-135f-4223-9df7-303347650d3d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 30 Aug 2023 01:21:28 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame E621
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=gYY10mNslvInZx0lhCEs&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=gYY10mNslvInZx0lhCEs&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 30 Aug 2023 01:21:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 30 Aug 2023 01:21:27 GMT Wed, 30 Aug 2023 01:21:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=gYY10mNslvInZx0lhCEs&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 1E4A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 01:21:27 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 30 Aug 2023 01:21:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CA7 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bfu8_lJnuZNe-BeeQjuwPko-8oA4AAAAAOAHgBAI&bg=!zc6lzoHNAAbGwlhq5sI7ADQBe5WfOMLCWHpAGy64t4m-j2Qs_j8nLi0DXpEfX-wgGhFITdro4v02kxSK3oV3RaLNiC26AgAABn9SAAAAXmgBB5kDETZLarGPlLc_mck1Lcj_aDpH65IMvhoT4sPk0Cov5TcmzDZJBVAXNTKO-idPeJ8DEA-j4lPo0Co1jf_drDWn_ZX4SzZMACPRdgX0vfbQYmNVJ5PUUYNYanfme9msTRFHaBfxrFFBYA-HBxl6_SH2qb8s_8VloZPMnWYoDDB9rd0_gKu4ryqxxLM8f4PbxDinpm3nSiV8cy3gyJOU0PRiP9uObqGzXvCgPLglcxEW2o3CewhG7kbBIrLuYmpMDXID0FszMmXYdpWqbIquazcDvBPVP7c9mBeAvSodLtembxeNjiM2UwTKLO6YKNzPPkhsRnXDdMANbmqsZcxcQ486NgRnzpodAb_CPGhdDesRfo9ZsFT0rOVqeONRGF3nBleeX4gak9awnKNKmkdeaw_Al1_Tp9yz5JGW2AipLICBF-Qwkr1JBei9B8SsDCKu9kvPvlz2BTJvC_iBKCuDQmQJkgeCv5EuUtNJ6QS8pf4gEZEu1VnxcgzOufyGsIWW63b8Y_wdUYIMBwCsqRK6MMrm1QEHQwx6Yl2Yvp4J8UPVKoK8KFJCZbADhxpyKw-WL-tA4vPxJYj6MuqOOt7dS4OBydIFyUllYkKMRjNt3Gsdua5_6ejs-aJ5BzRzPHH2ohVlXeRzziKqsyMRBFFOuRkHcYv5E2pasv48kW8icq55-IK3E0axyde7NbNUNGON_yVyx5ZFNePsvK5s41KT3jyx3_-ZkdBI4f5xmgA8ad00l4iH1Mr3RQ10DrzwOPYI645eba8051c9aSLX89r9gdraGqojkwLV-wk-Z1axDnK6UFCNsyD6m_vcO8RLQtfSmpP2xpGnqxvhV_32OknmVzqkSE_EAj3qpagy8B_s9CbmqXenUAFpW3i5_cMZxHPky0Ea0N5JOyCulmTAWhW_KEeFOOMMHFJUwGL1YUX1yORuzZTCVVH92X3Pvi3CC2eeX4EVb0KQCnk2cmnNYUT3dZ_9fntLAlD3t8U4-7D2IkD0c1Y6HyDS9nlAkH95rKmQOCIXW6oIilEi5qDl_9mKWpY_NffD
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 1B89 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1423789398647959843&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 1B89
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b194e8a6da97957492dbdd42b6f58015&gdpr=0&gdpr_consent=0
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b194e8a6da97957492dbdd42b6f58015&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b194e8a6da97957492dbdd42b6f58015&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame 1B89
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1423789398647959843&gdpr=0&gdpr_consent=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1423789398647959843&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
18.184.69.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-69-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1423789398647959843&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 1B89
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTQyMzc4OTM5ODY0Nzk1OTg0Mw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGyxegA6P5m0Z4E4o7eIpOQ&gdpr=0&gdpr_consent=&google_cver=1
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGyxegA6P5m0Z4E4o7eIpOQ&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGyxegA6P5m0Z4E4o7eIpOQ&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 1B89
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=41f9cab5d4
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=41f9cab5d4
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Wed, 30 Aug 2023 01:20:41 GMT
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
46
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=41f9cab5d4
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
DFJ8FofJm43oB3sw36EV9EZpooJLX7Dt5baHWP21hRb4MzVAPEBA7A==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6760 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 01:21:27 GMT
usync.js
eus.rubiconproject.com/ Frame D32E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
19ca7fd01ac3b9345ac5d2d90e34cea22ddf2d5d8756ba3b054d96726db22405

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 15:52:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52224
Connection
keep-alive
Content-Length
10117
Expires
Wed, 30 Aug 2023 15:51:51 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 1516 		0
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fe9379038a659e9-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:27 GMT
server
cloudflare
vary
Accept-Encoding
v1
match.sharethrough.com/universal/ Frame AC52 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.69.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-69-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cs
cs.yellowblue.io/ Frame AC52
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=55574aa0c217b20374af8af86adcfe8&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=55574aa0c217b20374af8af86adcfe8&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=55574aa0c217b20374af8af86adcfe8&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693358487047015-513
Expires
Wed, 30 Aug 2023 01:21:27 GMT
cs
cs-server-s2s.yellowblue.io/ Frame AC52
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fd9c6952-267e-4773-9dfd-6de7d3199520&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=452BFA12-A165-423B-BCCD-1571C17A1756
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=452BFA12-A165-423B-BCCD-1571C17A1756
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
44.194.237.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-237-52.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=452BFA12-A165-423B-BCCD-1571C17A1756
date
Wed, 30 Aug 2023 01:21:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame AC52 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=FFaUUDM-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
onetag-sys.com/usync/ Frame 4C52 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.js
eus.rubiconproject.com/ Frame 1E4A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
19ca7fd01ac3b9345ac5d2d90e34cea22ddf2d5d8756ba3b054d96726db22405

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 15:52:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52224
Connection
keep-alive
Content-Length
10117
Expires
Wed, 30 Aug 2023 15:51:51 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 5973
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693358486888-945078940339-001601-011-001831%26biddername%3D105%26pid%3D6444c64...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693358486888-945078940339-001601-011-001831&biddername=105&pid=6444c646246df090c706ac34&key=&gdpr=1
0
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693358486888-945078940339-001601-011-001831&biddername=105&pid=6444c646246df090c706ac34&key=&gdpr=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.0.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-0-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Wed, 30 Aug 2023 01:21:27 GMT

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Wed, 30 Aug 2023 01:21:26 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1693358486888-945078940339-001601-011-001831&biddername=105&pid=6444c646246df090c706ac34&key=&gdpr=1
server
envoy
x-envoy-upstream-service-time
0
vpaid
servedby.grouprvn.com/ 		937 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://servedby.grouprvn.com/vpaid?channel=155&domain=https%3A%2F%2Fwww.bg3.co&ip_address=176.10.107.238&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=47.21040&lon=8.80530&os=Windows&osv=10&gdpr_consent=&gdpr=1&us_privacy=1---&width=700&height=393&schain=1.0,1!omgstudios.com,0603231,1,,,&cb=3358487144
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a923 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df762dfa41d977d9bc161826e1111c7ccfa77f1fd3b05928476926c63e8a6a68

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,DELETE,PUT,OPTIONS,INDEX
content-type
application/xml
access-control-allow-origin
https://www.bg3.co
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbLw8TS%2Bcxl8D2lve2wcNJxw4fqDHz4vWHcc21%2FrLcrZmNH9ofZJ4M26kK5fGGk75pdEwie3pFiOjwKQBRG4L%2FIR8dIrNTQjvNpDjamKO6tuq1y9iAdyjNiqHu9REYspQsIVdtZmzjBGYgVBMG69fHQTEHI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7fe937910fb40e3e-MXP
access-control-allow-headers
Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,X-Requested-With
alt-svc
h3=":443"; ma=86400
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.bg3.co&rs=www.bg3.co&sid=69881&t=1693358486&cip=176.10.107.238&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=700&he=393&app=&AV_PUBLISHERID=645c834590f2c48ad908f465&test=&d64=b30936248a2249157774c6740d025ba6&d63=b30936248a2249157774c6740d025ba6&aafaid=&proto=https&uid=1693358486888-945078940339-001601-011-001831&cha=0.7&stagid=&stplid=&d35=&d36=6.2.121&cb=61883473527&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=700&AV_HEIGHT=393&&ppid=645c834590f2c48ad908f465&nid=6444c646246df090c706ac34&pcid=6469fbec71f13c58010ba477&ncid=64661b7e174efcd1df064646&pasid=646a093892cf95a70c029695&e=request&cb=1693358487146&asid=64c03bea3330c4bed70e0092&ofpr=&fpo=&ri=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixel
ap.lijit.com/ Frame 0237 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 01:21:27 GMT
X-Sovrn-Pod
ad_ap1ams1
viewability
hal900027.redintelligence.net/ Frame B93D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/viewability?s=77442200005636504445002012432027&a=e9ce35d0&vb=v
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=77442200005636504445002012432027&a=f48cb19b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900027.redintelligence.net/request_content.php?s=77442200005636504445002012432027&a=f48cb19b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:27 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 9AF6
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.smartadserver.com/getuid?url=https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/&cklb=1
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1423789398647959843
95 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1423789398647959843
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Wed, 30 Aug 2023 01:21:21 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-length
0
date
Wed, 30 Aug 2023 01:21:27 GMT
location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1423789398647959843
cs
cs.minutemedia-prebid.com/ Frame D32E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LLX1X3HM-1Y-4NY6
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLX1X3HM-1Y-4NY6
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLX1X3HM-1Y-4NY6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLX1X3HM-1Y-4NY6
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
generic
match.adsrvr.org/track/cmf/ Frame 99CC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7217811612
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7217811612
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 30 Aug 2023 01:21:27 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 30 Aug 2023 01:21:27 GMT
etag
RX7d39f28af76f4b31a862b1662b604886003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7217811612
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8C7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
12762
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 21:48:45 GMT
expires
Wed, 28 Aug 2024 21:48:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4AEC 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c6362d0334ff109d9ca5f926d118b854d827569c503d4376335b8f0796554261
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oYsrH_98K_P99QvHrFeRaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-oYsrH_98K_P99QvHrFeRaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 01:21:27 GMT
expires
Wed, 30 Aug 2023 01:21:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usersync
usersync.gumgum.com/ Frame 1E4A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLX1X3HM-1Y-4NY6
  • https://usersync.gumgum.com/usersync?b=mag&i=LLX1X3HM-1Y-4NY6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LLX1X3HM-1Y-4NY6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 01:21:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LLX1X3HM-1Y-4NY6
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1205
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=35efd8a7c6cb241c&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIg52L8bm5swNxbPWLAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&...
42 B
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIg52L8bm5swNxbPWLAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Wed, 30 Aug 2023 01:21:27 GMT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIg52L8bm5swNxbPWLAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
dcm
aax-eu.amazon-adsystem.com/s/ Frame F12A 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=452BFA12-A165-423B-BCCD-1571C17A1756&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Aug 2023 01:21:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0TBQ0T103RGGTMRF50GJ
Pug
simage2.pubmatic.com/AdServer/ Frame B8FD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=g2DuLoxtsnmYMOh7jWSme4FhunKYZLkp1Gyew_t2
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1e1b04219ed62446&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM4xNTwKqzCgMdMLLuAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&...
42 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM4xNTwKqzCgMdMLLuAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Wed, 30 Aug 2023 01:21:27 GMT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM4xNTwKqzCgMdMLLuAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
sync
ads.servenobid.com/ Frame 3C0D 		0
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=452BFA12-A165-423B-BCCD-1571C17A1756
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Wed, 30 Aug 2023 01:21:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCDC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RSv6EqFlQju8zRVxwXoXVg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=93652
accept-ranges
bytes
content-length
5606
expires
Thu, 31 Aug 2023 03:22:19 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame FCDC 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.64.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-64-186.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.91
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame FCDC
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3069703175
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3069703175
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
via
1.1 google
last-modified
Wed, 30 Aug 2023 01:21:27 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:26 GMT
via
1.1 google
last-modified
Wed, 30 Aug 2023 01:21:27 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3069703175
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame FCDC
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=452BFA12-A165-423B-BCCD-1571C17A1756
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MTI1U2QyMGF3T0tROUNzWlhtd1lCZ1RaUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7276866640929803979&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
44.209.220.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-220-96.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 01:21:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 30 Aug 2023 01:21:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame FCDC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDUyQkZBMTItQTE2NS00MjNCLUJDQ0QtMTU3MUMxN0ExNzU2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1aa266c7dd217f7&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM1CdzCy7rswNP-MsXAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&...
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM1CdzCy7rswNP-MsXAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM1CdzCy7rswNP-MsXAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame FCDC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBpgsDTDQGcMQ07rMr-L2SQ&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7a220ac0dedd172a&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIOsjnu-fa8QMGM2IrAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&...
42 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIOsjnu-fa8QMGM2IrAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIOsjnu-fa8QMGM2IrAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pubmatic
um.simpli.fi/ Frame FCDC 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 29 Aug 2023 01:21:27 GMT
generic
match.adsrvr.org/track/cmf/ Frame FCDC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FCDC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7276866640929803979
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=986429cc1de241c&is_secure=true&networkId=17100&version=1&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM4xNTwKqzDQNwLBRfAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&...
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM4xNTwKqzDQNwLBRfAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM4xNTwKqzDQNwLBRfAAAAAAA&expiration=1693444887&nuid=452BFA12-A165-423B-BCCD-1571C17A1756&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
452BFA12-A165-423B-BCCD-1571C17A1756
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FCDC 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/452BFA12-A165-423B-BCCD-1571C17A1756?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:2dd:853d:91ea:688e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame FCDC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=452BFA12-A165-423B-BCCD-1571C17A1756&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iX4.gahE2uWVet_8EcIHuXqmcEhTc6k-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iX4.gahE2uWVet_8EcIHuXqmcEhTc6k-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iX4.gahE2uWVet_8EcIHuXqmcEhTc6k-~A&gdpr=0
date
Wed, 30 Aug 2023 01:21:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ads.betweendigital.com/ Frame D6A4 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 403F 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BW3YdlJnuZK_jMqOXjuwPgISmoAsAAAAAOAHgBAI&bg=!-vml-bbNAAbGwlhq5sI7ADQBe5WfOPTrDkENRKZKU6v05rYcrlukdIxglB4bwNnmFqfliUNek1aTQz0oEnOc6e2YygkUAgAAAtdSAAAAB2gBB5kC8konh7j40emZebrIPHiNNd1xXqPboas6rEr81FVOWSUjcDZiZzZGuiCXLU3oByqcqquf88KN1z5PznjTGonKg47iwDJYbKkaJs1YVeafZ0YnnFTWvOhrxIVZOMFSDFPgGd1uXyH_jYCoCYBwlsiKSCgHZSd-tE03xYSMdTOsqs8ITdFFwq5RNSG2yMIKoHdJiTQBYZQooJRh94c1TDZF3iCMLmuW97CUqS3-lZLXqMmqweXAoqPyBSaxv0jTrh0VUHIqj8_JcYWgS77p_zZFtYEpXLw3bNm8QbUf4BZEn4WHvcupQynlnJeN6B9UfLCCZJuJIteQm8_cq9-DMUHU_iN3OzYRhzvhxhxL0pBf_dpcV5hgNJdWT216D6jL3D0xKzhjMWdGzrZT4iG3P18_Nna50PU6VoK2S3XBtWPOUTukZlV2zWz_AWBM9OWe-gm3mxLIz5OZDPaUfLBSVIbRr-rH7FMJMBptKb5okxGAduxYlxcD4EqVr66gxSbcfKkT-Ji_8KBWhzVImZn9M1SGGTXcUtgAtqMuHp9yDzRqGiKLwfRAwJl0cMxx2U6Lfu7hh9fZWTx05C7HqtwofKkYSj-KULeML-G2x-mrSiZE5Wszmd28aPAGo2pWmzML5_UdKPpKVjJhCwObjF0in8EtVe6PZgXGRIr08ICB4NhgY9V9IOZpWBWFpfmTAo2kZNU_iT0ZalRvU1bUj9asPMkhn0YQoVnbC36G7aMzPoYhJpqhLLRsk-SghQJDkBcs6xCv3XqtrZpxKNxCr_UhaEkkFYcwpgLWTc5RIqgh3i1SB79zCT2uCnzun2z9Ykumo119EyVNoF6Kn8rrbXeexcBmiCihpssqHOdBDP8S0bF5ULTbZeRb7kDohAfFhuLErC3DW5z7d3dCBlx6qwFoRAvuFWNdfMQ4cKMsbmDhFNAmvRKgf7lB_Yzqpg2kIU1W_iyxKKWbHLZUgzxAxTi5nEifbPiiDgmWEFnsVrQ5qYJPCcqoU8A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video2.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		340 KB
341 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video2.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
89ed9b4a17a685a30f2f8f46a6749bf5ed43a3fde2ee34845be82db018b261e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cdn-edgestorageid
756
cdn-storageserver
DE-587
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
content-length
348552
last-modified
Fri, 18 Aug 2023 08:17:59 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
647
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
eb5a69b0b123995212ec57b35412ade7
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
d6c9abc3df939590fad0813ae57572b3a7b0928cd33f4c5b5c655de373df2980
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 47FE
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/d6c9abc3df939590fad0813ae57572b3a7b0928cd33f4c5b5c655de373df2980
0
450 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/d6c9abc3df939590fad0813ae57572b3a7b0928cd33f4c5b5c655de373df2980
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fe937940a7859e9-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Wed, 30 Aug 2023 01:21:27 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/d6c9abc3df939590fad0813ae57572b3a7b0928cd33f4c5b5c655de373df2980
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
7276866640929803979
csync.smilewanted.com/set_partner_userid_get/adform/ Frame E83B
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/7276866640929803979
0
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/7276866640929803979
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fe93792f9e559e9-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 30 Aug 2023 01:21:27 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/7276866640929803979
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 4AEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=848690160865409&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BB1B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Ltx9kw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
fa_v_x11.js
player.privateserving.com/ Frame FC59 		269 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.privateserving.com/fa_v_x11.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6d11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb229a9f92a061a214282ab703c8059dbe14cc53a51b4e28b0259dffb8f70f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y5YV50DANQT4VQ8E
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QafJnJ89pAf83/W2IiWWlWzCeIspcLwfjPSy+8wHAGZpWCYUHrngyWx69X87OYiDgd8x/pssJzV8WAPSPFcF0+ypU6REA8GIKcpImc7GTJ4=
last-modified
Mon, 28 Aug 2023 11:13:34 GMT
server
cloudflare
etag
W/"6afb76da27bf19bab8522f050341caae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDwGomzmd%2Bosf8LIkGZ%2BREb4ZodWMAabYfhfBkuNpEn4hlApCRVcjX5eHGt0N1V1IfppmfmsMaTHAo30A8hTFwFeL08boYKVt8jyxzceuenhJIraDEXtf3ssYTOXYHm7U3S8oJpu%2F2zrite9teMUm4CoYjA%2BheBc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fe93792ed970e17-MXP
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame D8C7 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 19:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
192367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14795
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 19:55:20 GMT
abf3186358d318c95338632f8f395184
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 8914
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/abf3186358d318c95338632f8f395184?gdpr_consent=&gdpr=0
0
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/abf3186358d318c95338632f8f395184?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fe93792b9b659e9-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Aug 2023 01:21:27 GMT
Expires
Wed, 30 Aug 2023 01:21:27 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/abf3186358d318c95338632f8f395184?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1693358487075098-574
video3.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		344 KB
345 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video3.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
36d1268298a6da877a354aa0afefa709bc3c35e373d547d04ea67943b6aba853

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-661
cdn-cachedat
08/28/2023 19:09:50
cdn-pullzone
829957
content-length
352124
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
635
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
86393256d0d63bea4c0b55b5173ec9ff
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
v1
match.sharethrough.com/universal/ Frame 8355 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.69.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-69-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cdbfa5b5be126547759d5aeeded4da2d1cd2c86b531da33917655bdcd24b272b
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame 36C8
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/cdbfa5b5be126547759d5aeeded4da2d1cd2c86b531da33917655bdcd24b272b
0
711 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/cdbfa5b5be126547759d5aeeded4da2d1cd2c86b531da33917655bdcd24b272b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fe93794cadd59e9-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Wed, 30 Aug 2023 01:21:27 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/cdbfa5b5be126547759d5aeeded4da2d1cd2c86b531da33917655bdcd24b272b
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
sodar
pagead2.googlesyndication.com/pagead/ Frame 6B04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=2279931510577245&bg=!ycqlyoXNAAYkVgHwBFY7ADQBe5WfOIdZTGeKJ2_nCtxpCVMfWSCmwgqPCRJYUlRcAxO2f7yulY5xjssppSRdps8LdaWEAgAABf1SAAAABWgBB5kC2rFKGfsVOi3KN7DlU8ZaVtYiN3FEu-qJE2D6uEP-dLcw2ilojphcQn2vLAPk2CfBPwEk6ADxEYKJrAHT1hUVRhl_GxyQIBZ6kvMhwbzKuKBnBUqOosL_-IFLSEC4_wgtZ4LLTBZNCul7D-eCUaWzdAFN9YrBvB0GmMXco9yD-kHDfx5kCF_zyuxAEowBFoZWnS9H90K3BxWwlnwGhLgecEakEjwIMYyzkyGTatkXC2R70MuEjXqN2X_lG-QHlAI7mrbDOnpyF1mKdNXKjukYf12byaoetAdl2ePhWM6as074z4n-STaywcGWehFB-YgipdfsMTCXnPVe2JHn6VwcSDo2J_TFfragGeXIx4ceX5ZZlvR0lMVaPJ-uqmGW1gMZ6eUZTY_x6qqcz9tCnhJ86vyKSbGOU7Mv-kNieivrxpBqaHZdydSy4fY0W3EwwlQ-Hrg8BfKX9fYRpN4vWWk1ZDMqaAccraJpOIo1ZeEe6oK01A1to9nshhQ2kBOmMbULPvhWiMkUIqHP4WDtMUKOy4RjndabaAoqIweR9PulhpKMfQ7LgbmdbPlnBpljN7m6hO2s80XaQg8RN3ewS5XuLKW9TlD2mXD7U48QZX5-YMKqPPdGiVf5Ttz-ohdhyXnFPFnVy2SFPVE8POHpcg28ZHNCjlcOI_TkVUUM-FVJC69d-IQsWUVSyLb3G2pgrVkWii7mMlsxxQUqyng43KfRp9Oc0TG2XMbkcR1BVAuBNO9cf-6VH9K3mx9ypxCL3Cgqb9IKXg-DkDcsmQxangdbSolSeG49rSXeOOxT6zjvFuedmCGKn6Mu52tW0cq9emxm4vuuYvB2o41Z8OFtLs2R7o90xqm0g7ICPOKioNXFEg2Oxe-q2VljmFy18P-t3QrEuktuJHy_zXswt4hlKaRUBqoM4JdP7EPNFbcHJZDiQ9K0onNu1yPyEZo_DaYd7iKVmT3sE9_5nxmAJMs
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
video4.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		343 KB
344 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video4.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
355eb73ef3ddead38f9ac663bb3cde3cf51a4dfb446937f5aca3e716c3c99e73

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cdn-edgestorageid
864
cdn-storageserver
DE-51
cdn-cachedat
08/18/2023 10:37:59
cdn-pullzone
829957
content-length
351372
last-modified
Fri, 18 Aug 2023 08:18:03 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
647
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
1d18349fece7d27d4b205aa1b94e8f62
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
generate_204
tpc.googlesyndication.com/ Frame D8C7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oxkcJw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A4E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=3423301451663690&bg=!x8SlxIvNAAYkVgHwBFY7ADQBe5WfOBPom-YOvqoPtt3NoPclD7q35Icpu-6tK0hSyBwC6ZWmACnWrip2yW7Zmc_jLD7gAgAABW9SAAAABWgBB5kCxwYWGdmi5AaJshbK3wh0sD_5t7hO9tIfCNTqe0i2gSiFIDkHCtqw3bXIXMT7FnwqFvQAoT9RahQeXksx5JE8HUXWfnRFCN_-PECjc2JnOKCwZAms9Vb08QX71snADLVXhSOzfoV6NSaPUJtGDi7W3AjWh8rnP2VrzeGdhTFk33B6RC2KVAOl1g-R6tNq24n7NOIZE8Nh9yN6EqSrmRPbddIGo8TGxZbGLOkbgDemHYWBF06G-_vgunn_Iy3ArtX3LlroOtv76_JB_rgOKByaH9R3qj3ukA-AGhoRx9TdaGSaia0SIu7fCsGwKRKAP-7TrWBgL03eOfi_hQ5wBA_CI_HPa8mfI6riWh_AXmXbIa-CPXcq6EBc1As_Mu30cRzFAoLFQlBNqTkvx9DmmsI4st8RQqLFBLpkMmt4Wt_Ng4cUsx6Fqrdm1r4Uiv-s_BI71-5y-N7hxFnUkphjRJuIwX--HYTE-jPefGcigIlwZ5GUnN6LPhkq2T9gBNUAiaj6ZB_vrHs3BYYGUVjlFdeLmN3EhgvZfX7Xv33XZkuSgPqJHyGc6EiQdBRmb63fvfXHU-pF5iD_vhFUtkSzmfLXlIDIlrL-0_HcE8u5fiZZJJF-yo6pMZxixflcnHTWpCLp2euHGWaYHmOEMLE7jzpqK-NPUgc-0DYDPa2oUCjfkqD5tDuOM2zh2IyCWnxvdw9QJeDebt_dDa1V4iv_maMI92T4FwlFchnmgDnx4IbgrjR5rFxXHFR0U-v7aIZ6_JCW9ZDCY8Xbe9fdMt9xJscscTaHjHFc7gzxpCSm1s40jtNcLZhlUSczJlRbPH12ApD9aL9uQwKQo8OUYaFXHGThhgoDRuicCLoWEuSNgeqs4ckfV_cne18sQzhm5hJinwBsWon6UHqET5YdId-_3jXoLjQEUaovnPZEWZgweoYWGk1UKrCMcQH79A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
video5.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video5.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
5d95f53a5578a8535d127a7041191865e9651fe932cdb84dd6c2d08b6a8c518f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-383
cdn-cachedat
08/18/2023 10:38:01
cdn-pullzone
829957
content-length
345544
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
645
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
e53cb6588bbf0ee38d6cb96654404926
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4728 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7207625159967&version=m202307240101&ct=77&x=13&cor=13092340190901110000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4728 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIdfjh0oovA3y-yc0xjXvlzuAQ_klwl1Mka0XcjPR7VZOtKo8iq1aQtirM2aTVrEOqwiFSdQINnJ0oOE1f-SfirxUQFQKCNl3kHzBvin4aVns&sig=Cg0ArKJSzMW-U4AfP_woEAE&id=lidar2&mcvt=1011&p=0,0,250,300&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230828&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=217762561&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693358483622&rpt=2993&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
q.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Wed, 30 Aug 2023 01:21:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
video6.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		205 KB
205 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video6.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
387693ae9129954676f66cc2f2d2352e94457c2ff461f778551af1594585d90c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-51
cdn-cachedat
08/18/2023 10:38:02
cdn-pullzone
829957
content-length
209432
last-modified
Fri, 18 Aug 2023 08:18:06 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
653
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
cae5a92b789604244cd381b67ecbe64a
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
async_usersync
ib.adnxs.com/ Frame F93D 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
an-x-request-uuid
dcbbb798-934e-441c-80b9-8c87d52c7df9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
video7.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		228 KB
229 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video7.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
2d1d38e921b2af298d6913929f27f091a9e80788ececa370657e2bae396c0e6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cdn-edgestorageid
722
cdn-storageserver
DE-165
cdn-cachedat
08/18/2023 10:38:03
cdn-pullzone
829957
content-length
233496
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
645
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
c1bd9de594217b769098916717cab51f
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3E7 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4113151707455&version=m202307240101&ct=77&x=1&cor=13042882315101980000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/ Frame FC59 		2 B
333 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/?sentry_key=a4be36df873c4aa4905baa71ec95ed62&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0
Requested by
Host: player.privateserving.com
URL: https://player.privateserving.com/fa_v_x11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
9
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
collect
q.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Wed, 30 Aug 2023 01:21:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4467 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7264780501850&version=m202307240101&ct=77&x=1&cor=2993847580144249000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
41368cc6-d707-4103-a138-ec0f33ce8070
https://www.bg3.co/ Frame FC59 		46 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/41368cc6-d707-4103-a138-ec0f33ce8070
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
46922
Content-Type
video8.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		267 KB
268 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video8.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
25d2d2d08f72ff6fb277f8a16ccf6204380e718197aa5ab8fe91c82222698aab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:27 GMT
cdn-edgestorageid
1055
cdn-storageserver
DE-51
cdn-cachedat
08/18/2023 10:38:04
cdn-pullzone
829957
content-length
273164
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
657
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d05a9f873060d5fbb16ba5d42575fc67
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80CB 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5756873493586&version=m202307240101&ct=77&x=1&cor=4840510643516789000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 99F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=1084659188754477&bg=!Dg2lDULNAAYkVgHwBFY7ADQBe5WfOE4aQ6VaSSJa6pv7DisiiiDCEkFGzcEPnkqGHX89wZQ6kH1LrwhTZ88KZgxk1N1QAgAAAWpSAAAABmgBBwoArmINOKEIjHcCbFz5WD4axZiQyqn4cNrhqFG49xGdRESuvLJ6HSO4ZxXG2act0-Dz95QM0DDWkAbR255F_rjlVLB9Cnx3m4B7R-R36PBf7BIdmymdbRgqXDoUEX0Hb5DZ9iWh84mIE6DY98Lp1Jkr5NDt0S5CRQJVR2SECsP642Btvjyt-JFXKaosbwISGjrFc-QmrYfJic6v_siPw5ojb8mh1acriQYjYlsyr-1sp5kCv3-jOsIjBMx5TaZnmXCcHZVPrD0gS0dAeUFNL7OF2AQ1ieSZjiakBC8O2nIAClnauf04KGmAeGh90KpGMW639gZ9J4998-iTbHizrx-LFCB4KTDNSeQ073ASzMYJAXaeDt5FFYBPLwl4p-gCCJJ8WflWS9qQh2O--TYVIybuqidwWFs8CKUiSXEKkKIhnpmbVXm38VNdNEjgSbvVDeaKWTpZvfc_tQfl0JKi48vJwrSrPzq1PsVlN7DQVDLCTMB4UmTSmqoaP9pgFM8fbcH_jYd7tYtiN9lNhi7zh4GjW4uVBdlbMNrlfZL9AoZlLFQ08nJPkNbGq-xVDCJZDLDcF7AlH6rKRKtl3TyMq-Izld4WdV8ZROq-Sn5cLexwfSvI0oqd0EW9GVUW2bw3X_XBh_R6xXJeCqUbnuDSRSSg4LeTiEhYNcXczpCudNtWc5gOMulGKlFoGmTlEW0B0mmwXM0s2u6AvLy59PHY1fZhpk5zc8kBNHlEO_haCNdOEX02usId2CKNzkh7iOhRIXHsCekZifSCCUCmXZ-MgHc98Cxc1yFLYGbgi2zno_W-RFBp8LHdxFhH5SBqir0aV5XiD81HkVv1shnAhFN5UhysOVMs3iockPy0V5kJQJVFXhlYNowWemKkOjX2NenQZSG8JWkYNlz-KQAz53K-sPyAJGtZrP1ZF6Ncn3FJmRno-L0jKTFIJYgq64jUfIwWrsD3EzuSpdql591jjhmkjF475e3lH1MYf1V8qM3uYCDTaNJydLYYJR8D4xFIrQscQrhbxjDeAltnOxDfr395Z-ZL0JG6tTxecb4bHnSMq3hkFb1BP2cgCgqUy3ROMCyS2NfqAhvjBIlPYLdb-xizzi9Mfgd-_xPncO4U6z0H7jl4SNF6vYQ0v-7Qz3paIYA_EzOtOt4GLOgr2-_yInjC6Lep-5A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6760 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=848690160865409&bg=!Tk2lTQLNAAYkVgHwBFY7ADQBe5WfOF8rtv4aLUWMyByDcxmPQf0y5AM0q6O-fC4t7qk6nF1VKYM5PqqtRuNLyDEcnMRPAgAAAJ5SAAAAB2gBB5kC1SPm2h1g9SrQvZB0kCT-3CKU2-aqC5prvQ2DhO4Uur1XFvv4Vq74ELm2_hJc-e3C5H3RBIFwm3b72IvV6bV5JgwmxRsD1Uiur27q1dP6slDimze450pdI6mZ5rf5dldt66kd5FHgb4LnB-BKMD3NU0SaFdjqqPD6YqIpdql_H5jubVy7lm4V08PpuEXzFPu1YhQQa7KypZs3i85nX5yu2IC_56zi4S7YIHiiKn4QLqeiZi2Y1FUQUx-hr69dtfr2I_sUONurCj7FRTzgqkjnVKsH34tT_5AASKWrvsof80nifrKru0W9z4WTX6rTLG5OK7HqnnrNijXT9MvY6fuwlynwOxfQFU1DTP1pbWtZ7df--pYiY221el9Uc8BaKWa0upNvLxKvPpE_nXwjnHF4wi10ZRMNST2MtiT4XSt18-buLvYIRN30_HtNo0xEGw75G0uOu6tS2OetgBJdGMlwtSXF8ff5wy4La6nDj-xJySBZcXDlYh-bgzGiAChIZGYwlYBr_YBBoCB25e_jUsFW7B5RU7OUxjjndH2BZ34w02m9wpIyuUSutwKmsDx8BzuFFF6GWwSJC71bvm2RNuI-b8PWijdTjCL3QrdsKYwDTwgXl7pGp5UdX4Sc8k5AhwbnZ5gBTFIOR5FiwPnCk0MMzjenXegz4KmDv4QWQrgT6GMRJnIpICuBYJ9wATBubg3z_6BY_cwh2aeB1sqCcxxvc0Z4r_NcOWZpEacoVb6rV6O3UTN4ssKuFynLUEKqgEPBAGfQFwM0w4yMRmyveloRDfSHDpuRyEoeOe9NOgYzHf09gu1avzN5VTsPxj96KGkESRWZOpE4wci3X5d1ktTMpEJ9OF9xBSx1NB_JPE3esDapg1akdERlLpp9-axg5NCW3Kc3g0Q2Z2UotIllz06LcYDaojHfHPeIwfot_ebCbpN8lkPrAGWwcejBpGIi9SegNhQeFwME
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame 1CAB 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=2655083518979797&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.586.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&sid=606CB55B-8C10-425A-BC9A-9EFFAE7A1A1F&a3p=EhkKCnB1YmNpZC5vcmcY28ufoKQxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7Kn6CkMUgAUgIIZBIZCgp1aWRhcGkuY29tGN3Kn6CkMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2llbTg0VEZCVFZYRlNkRFpQUlZoTFdYZE5lRmhwZHowOUluMD0Y09CfoKQxSAASGwoMaWQ1LXN5bmMuY29tGJLNn6CkMUgAUgIIag..&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dlt=1693358481941&idt=3751&dt=1693358488501&cookie=ID%3D7933eb30c2d8f12e-22fb66285fde004b%3AT%3D1693358482%3ART%3D1693358484%3AS%3DALNI_MaKmPTSvWCNhW5fkMNvhKPcb8lyfg&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&scor=356339983359513&ged=ve4_td6_tt2_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/ Frame FC59 		198 B
329 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/?sentry_key=a4be36df873c4aa4905baa71ec95ed62&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0
Requested by
Host: player.privateserving.com
URL: https://player.privateserving.com/fa_v_x11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 01:21:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
243:transaction;profile:project:smart_rate_limit
retry-after
243
csi
csi.gstatic.com/ Frame 1CAB 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llx1x5p7&c=6778101003551&slotId=3389050501775.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FCDC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
117 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 30 Aug 2023 01:21:29 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38s0&_p=1500233466&cid=1870201937.1693358483&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1693358484&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dt=%E7%82%B8%E9%9B%9E%E5%A5%BD%E9%A6%99%EF%BC%81%E5%B0%8F%E5%A7%90%E5%A7%90%E8%82%A9%E8%86%80%E3%80%8C%E5%87%BA%E7%8F%BE%E5%A4%A7%E7%89%9B%E9%A0%AD%E3%80%8D%E3%80%80%E6%8B%89%E6%89%AF%E6%89%8B%E8%87%82%EF%BC%9A%E7%B5%A6%E6%88%91%E5%90%83%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693358489509&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1544&pt=-1959458682&tz=120&viewable=true&ddast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
8f9e12b58649a80778f22de5ea2b09e064fd12d34fdd1716f8b3b631191ebd29

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:29 GMT
content-encoding
gzip
server
nginx
machineid
1481
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://vast.aniview.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1CAB 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=3750062322281528&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.586.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&sid=606CB55B-8C10-425A-BC9A-9EFFAE7A1A1F&a3p=EhkKCnB1YmNpZC5vcmcY28ufoKQxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7Kn6CkMUgAUgIIZBIZCgp1aWRhcGkuY29tGN3Kn6CkMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2llbTg0VEZCVFZYRlNkRFpQUlZoTFdYZE5lRmhwZHowOUluMD0Y09CfoKQxSAASGwoMaWQ1LXN5bmMuY29tGJLNn6CkMUgAUgIIag..&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dlt=1693358481941&idt=3751&dt=1693358489527&cookie=ID%3D7933eb30c2d8f12e-22fb66285fde004b%3AT%3D1693358482%3ART%3D1693358484%3AS%3DALNI_MaKmPTSvWCNhW5fkMNvhKPcb8lyfg&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&scor=2130306667873527&ged=ve4_td8_tt4_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/ 		817 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=645c834590f2c48ad908f465&AV_CHANNELID=6469fbec71f13c58010ba477&AV_URL=https%3A%2F%2Fwww.bg3.co&cb=R0.1693358489610&AV_WIDTH=700&AV_HEIGHT=393&AV_GDPR=1&AV_CONSENT=&AV_CCPA=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
1b551b5aad16d9d87d629d82d84f5fe7e03179f8a2e924fef9fed5878e415329

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Wed, 30 Aug 2023 01:21:30 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.bg3.co
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1693358484.dop006.ml1.t,1693358484.cds033.ml1.shn,1693358489.dop006.ml1.t,1693358489.cds214.ml1.sc,1693358490.cds214.ml1.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
csi
csi.gstatic.com/ Frame 1CAB 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~llx1x889&c=6778101003551&slotId=3389050501775.5&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video9.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		227 KB
228 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video9.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
0b9bd9b5591994cc9ee339949b213d6b636909d874601730b81674da5701f597

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:29 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-167
cdn-cachedat
08/18/2023 21:57:17
cdn-pullzone
829957
content-length
232368
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
627
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
65754061eb9e95d99a97a1439627683b
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
AVmanager.js
player.aniview.com/script/6.1/ Frame E56F 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:30 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtljXN-10sXnDTmX2bVO2hZOC6rxRQz9hhV1rwude5K2kzNhN3i7uxNre2ojXbadAimBlNFqWkjZkptw3bm7Hvr
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130379
last-modified
Wed, 23 Aug 2023 20:53:33 GMT
server
UploadServer
etag
"25aee45ea3338112064b801c98043832"
vary
Accept-Encoding
x-goog-generation
1692824013316426
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130379
accept-ranges
bytes
expires
Wed, 30 Aug 2023 01:31:30 GMT
truncated
/ Frame E56F 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.bg3.co&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.121&apppkg=&fv=1&proto=https&clsid=559fd722-ea51-469a-9404-6b9b8e2ad815&rando=2&pid=645c834590f2c48ad908f465&cid=6469fbec71f13c58010ba477&stagid=&stplid=&e=inventory&vi=0&cb=1693358490127
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid
servedby.grouprvn.com/ 		937 B
897 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://servedby.grouprvn.com/vpaid?channel=155&domain=https%3A%2F%2Fwww.bg3.co&ip_address=176.10.107.238&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=47.21040&lon=8.80530&os=Windows&osv=10&gdpr_consent=&gdpr=1&us_privacy=1---&width=700&height=393&schain=1.0,1!omgstudios.com,0603231,1,,,&cb=3358490130
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a923 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
696951a0fc34c88a95741265b422a027b06e6abf73aa449aa76026406ed54cab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,DELETE,PUT,OPTIONS,INDEX
content-type
application/xml
access-control-allow-origin
https://www.bg3.co
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7qXeSDS3p1TMd4ZszMGs8ShXtTXTsKDmVFS14l53aLZBG6ACBedrvehjfe6YkhSdabvFxJnQOIRql%2F932IhCTtgsagAFxnL7rvPB7VOqbRB012m91%2FaaPTnc12F8deGW54%2B0VC5Z%2FDVbbKiKVT3DkbK1wk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7fe937a358650e3e-MXP
access-control-allow-headers
Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,X-Requested-With
alt-svc
h3=":443"; ma=86400
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.bg3.co&rs=www.bg3.co&sid=69881&t=1693358486&cip=176.10.107.238&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=700&he=393&app=&AV_PUBLISHERID=645c834590f2c48ad908f465&test=&d64=b30936248a2249157774c6740d025ba6&d63=b30936248a2249157774c6740d025ba6&aafaid=&proto=https&uid=1693358486888-945078940339-001601-011-001831&cha=0.7&stagid=&stplid=&d35=&d36=6.2.121&cb=61883473527&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=700&AV_HEIGHT=393&&ppid=645c834590f2c48ad908f465&nid=6444c646246df090c706ac34&pcid=6469fbec71f13c58010ba477&ncid=64661b7e174efcd1df064646&pasid=646a093892cf95a70c029695&e=request&cb=1693358490130&asid=64c03bea3330c4bed70e0092&ofpr=&fpo=&ri=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 03F6 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75325534&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b26642e9b5b35571197b2740f5c48d8fad36e67e784c7c72772a0c468ade3ee3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
81
date
Wed, 30 Aug 2023 01:21:30 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
78161
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6936-MXP
pragma
no-cache
server
nginx
x-timer
S1693358490.167474,VS0,VE81
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
match
c1.adform.net/serving/cookie/ Frame C25C 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 30 Aug 2023 01:21:33 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 64B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4853856628407888645&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4853856628407888645&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
60259abb-2818-4484-b7a4-61988074bba5
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4853856628407888645&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 52BE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272919313479891102&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272919313479891102&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 30 Aug 2023 01:21:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272919313479891102&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 9AA1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lOQXhs0cXNx4ptEjnHCGvbAKa-4&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lOQXhs0cXNx4ptEjnHCGvbAKa-4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Aug 2023 01:21:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lOQXhs0cXNx4ptEjnHCGvbAKa-4&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 3739 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6967-MXP
x-timer
S1693358490.187950,VS0,VE104
Pug
image2.pubmatic.com/AdServer/ Frame 62B4
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc02c09529f8c4753bd0a8a2df37cd09a
42 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc02c09529f8c4753bd0a8a2df37cd09a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc02c09529f8c4753bd0a8a2df37cd09a
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 5A24
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 30 Aug 2023 01:21:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame E27A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDV2MwN0ozVE1BQUNWLUFueHNCUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACWc07J3TMAACV-AnxsBQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1423789398647959843&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AACWc07J3TMAACV-AnxsBQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1423789398647959843%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1423789398647959843&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACWc07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWc07J3TMAACV-AnxsBQ&gdpr=0&gdpr_consent=
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWc07J3TMAACV-AnxsBQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 30 Aug 2023 01:21:30 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWc07J3TMAACV-AnxsBQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame D96A
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724966456893
42 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724966456893
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 30 Aug 2023 01:21:30 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724966456893
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
usersync
usersync.gumgum.com/ Frame E930 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=452BFA12-A165-423B-BCCD-1571C17A1756
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 30 Aug 2023 01:21:30 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame 03F6 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=452BFA12-A165-423B-BCCD-1571C17A1756
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7fe937a40f05baac-MXP
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 03F6
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=452BFA12-A165-423B-BCCD-1571C17A1756&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=452BFA12-A165-423B-BCCD-1571C17A1756&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=452BFA12-A165-423B-BCCD-1571C17A1756&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:37 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:37 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=452BFA12-A165-423B-BCCD-1571C17A1756&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 03F6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 03F6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3630025452598104057&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3630025452598104057&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3630025452598104057&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 30 Aug 2023 01:21:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 03F6
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2a77e1b8-abaf-4cdf-a216-d9de91313262&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2a77e1b8-abaf-4cdf-a216-d9de91313262&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2a77e1b8-abaf-4cdf-a216-d9de91313262&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 30 Aug 2023 01:21:30 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame FCDC 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96881613&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0fe50eb5ac253bf73a6d41ee2da36981e534b7c263026037c7966083a7f9f207

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 30 Aug 2023 01:21:29 GMT
content-length
1449
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 2813
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
42 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 01:21:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=452BFA12-A165-423B-BCCD-1571C17A1756&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bridge
cm.adgrx.com/ Frame 4997 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 30 Aug 2023 01:21:30 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
Pug
image2.pubmatic.com/AdServer/ Frame 2046
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8996300839723427136
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8996300839723427136
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8996300839723427136
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame 406F 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 30 Aug 2023 01:21:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame C82C 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Aug 2023 01:21:30 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-e605bbc0de20@version_1.568
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 86DD
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=juuxb1tts5qe
42 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=juuxb1tts5qe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Wed, 30 Aug 2023 01:21:30 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=juuxb1tts5qe
lws
90
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
i.match
a.tribalfusion.com/ Frame D029 		43 B
488 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7fe937a40dba24be-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
image2.pubmatic.com/AdServer/ Frame DF34
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0991025d5c421830/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7d78c60d7e4a5b5d9f3bbdf29696888b&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaRRbaXVQVjWXbSYa&gdpr=0&gdpr_consent=
42 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaRRbaXVQVjWXbSYa&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaRRbaXVQVjWXbSYa&gdpr=0&gdpr_consent=
sync
ads.servenobid.com/ Frame 9A54 		0
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=452BFA12-A165-423B-BCCD-1571C17A1756
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Wed, 30 Aug 2023 01:21:30 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FCDC
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=
42 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:29 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FCDC
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4853856628407888645
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4853856628407888645
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 01:21:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:30 GMT
an-x-request-uuid
9b685582-beb1-4210-8aa7-230d129de19c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4853856628407888645
x-proxy-origin
176.10.107.238; 176.10.107.238; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fa_v_x11.js
player.privateserving.com/ Frame 890C 		269 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.privateserving.com/fa_v_x11.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6d11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb229a9f92a061a214282ab703c8059dbe14cc53a51b4e28b0259dffb8f70f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:30 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y5YV50DANQT4VQ8E
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QafJnJ89pAf83/W2IiWWlWzCeIspcLwfjPSy+8wHAGZpWCYUHrngyWx69X87OYiDgd8x/pssJzV8WAPSPFcF0+ypU6REA8GIKcpImc7GTJ4=
last-modified
Mon, 28 Aug 2023 11:13:34 GMT
server
cloudflare
etag
W/"6afb76da27bf19bab8522f050341caae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMNcCU9qzOqOB0oeW8PkoQsXjxlBxqEA44LsmOZgMHku3U%2FEGQ8Cra5afJ4WNRSVtP01QmumXNoOIyAaSgMsdSraOuZXa7aS%2BF%2B4fe9UAmg3Ms9oh8kHIvewuIhBzIDMYGtbjwnpxEVcut6lJ77Hr7%2BCuNVdSF4L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fe937a45ebe0e17-MXP
ads
pubads.g.doubleclick.net/gampad/ Frame 1CAB 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=583591065679836&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.586.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&sid=606CB55B-8C10-425A-BC9A-9EFFAE7A1A1F&a3p=EhkKCnB1YmNpZC5vcmcY28ufoKQxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7Kn6CkMUgAUgIIZBIZCgp1aWRhcGkuY29tGN3Kn6CkMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2llbTg0VEZCVFZYRlNkRFpQUlZoTFdYZE5lRmhwZHowOUluMD0Y09CfoKQxSAASGwoMaWQ1LXN5bmMuY29tGJLNn6CkMUgAUgIIag..&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dlt=1693358481941&idt=3751&dt=1693358490448&cookie=ID%3D7933eb30c2d8f12e-22fb66285fde004b%3AT%3D1693358482%3ART%3D1693358484%3AS%3DALNI_MaKmPTSvWCNhW5fkMNvhKPcb8lyfg&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&scor=1834772739445933&ged=ve4_td8_tt4_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/ Frame 890C 		2 B
21 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/?sentry_key=a4be36df873c4aa4905baa71ec95ed62&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0
Requested by
Host: player.privateserving.com
URL: https://player.privateserving.com/fa_v_x11.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 01:21:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
3d591803-d413-49d7-b3b7-83656684d6e1
https://www.bg3.co/ Frame 890C 		46 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/3d591803-d413-49d7-b3b7-83656684d6e1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
46922
Content-Type
ads
pubads.g.doubleclick.net/gampad/ Frame 1CAB 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=2242596131201874&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.586.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&sid=606CB55B-8C10-425A-BC9A-9EFFAE7A1A1F&a3p=EhkKCnB1YmNpZC5vcmcY28ufoKQxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7Kn6CkMUgAUgIIZBIZCgp1aWRhcGkuY29tGN3Kn6CkMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2llbTg0VEZCVFZYRlNkRFpQUlZoTFdYZE5lRmhwZHowOUluMD0Y09CfoKQxSAASGwoMaWQ1LXN5bmMuY29tGJLNn6CkMUgAUgIIag..&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dlt=1693358481941&idt=3751&dt=1693358491369&cookie=ID%3D7933eb30c2d8f12e-22fb66285fde004b%3AT%3D1693358482%3ART%3D1693358484%3AS%3DALNI_MaKmPTSvWCNhW5fkMNvhKPcb8lyfg&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&scor=2769969634696740&ged=ve4_td9_tt5_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/ Frame 890C 		198 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/?sentry_key=a4be36df873c4aa4905baa71ec95ed62&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0
Requested by
Host: player.privateserving.com
URL: https://player.privateserving.com/fa_v_x11.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 01:21:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
241:transaction;profile:project:smart_rate_limit
retry-after
241
collect
q.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Wed, 30 Aug 2023 01:21:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
video10.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		271 KB
272 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video10.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
3836ee0615887017d2a7c33c1e11ae18790475d24df2a920d3aa3ece704114ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:32 GMT
cdn-edgestorageid
863
cdn-storageserver
DE-164
cdn-cachedat
08/18/2023 10:38:04
cdn-pullzone
829957
content-length
277300
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
636
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
814197a8dc77c1275d39ee3b41adaf4e
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
track
track1.aniview.com/ Frame EC63 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.bg3.co&rs=www.bg3.co&sid=69881&t=1693358486&cip=176.10.107.238&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=700&he=393&app=&AV_PUBLISHERID=645c834590f2c48ad908f465&test=&d64=b30936248a2249157774c6740d025ba6&d63=b30936248a2249157774c6740d025ba6&aafaid=&proto=https&uid=1693358486888-945078940339-001601-011-001831&cha=0.7&stagid=&stplid=&d35=&d36=6.2.121&cb=61883473527&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=700&AV_HEIGHT=393
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 01:21:32 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 03F6 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame FCDC 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:5b57:3cdc:ce57:409f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 01:21:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693358492305&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1544&pt=-1959458682&tz=120&viewable=true&ddast=V8PiECLAa8JzwHt3tzFBJ4T3gObvfmKCwAAABgYID-AElMHKPhyOVYS0zD1Vo0WXnWEsdouVaOXMbFxDSZzUY2IyCJiWM0HLkca4lpuFqLJivPWuIYLdfKkcu4mJgms9nIZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZyaDodPte9Xvf73SU-z1zj9yv80qPDLXW6hQ6_W_h02H1u4dPhd0udLrfU6XJLnQ67W-Kw-9wao-stfDrsbpHDLXe63qK_6y12uDVGl1tz9LveEqdb53K6dX-3xuh0ix12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkchMNycV1-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEKGeKUmz0EJ4IgWxRRgBAAAAgFVYcz8ySSeoWFT5___vtwJwBQAgQJHooFwoi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHqOXNMA8TM3q_kFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOZYrXarmXPmGW0cLs9sOXH5hhPDxDnauBwm42Z7BBWMF75kfCH7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwYhvMzHZlpO1ZjJYuEWz4WytcHkca9lotjAsXJ6VceZxi14f08VlXMwcky0SDMDbi-RpkU5kE4thuNjYFo6JceZymYYT52Q3spgGs5Vl49vNJmKJ5mSRTmSXfc2xWu1WM-fMM9o4XJ7ZcuLyDSeGiXO0cTlMxs2-4ttMTLblZK2ZDBZu0Ww4WytcHsdaNpotDAuXZ2Wcedyi18d0cRkXM8dk35gtN5vVcDSc7Buz5WazGo6Gk32HzvBdfc5GZVkl-bj8Kt224bo5DQqXweJ9qU_nYcFYkE47R6dLpHgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hlx4dbqnTLXT43cKnw-5zC58Ov1vqdLmlTpdb6nTY3RKH3efWGF1v4dNhd4scbrnT9Rb9XW-xw60xutyao9_1ljjdOpfTrfu7NUanW-ywC01vs0UsEZwu0onoZTxd1H_kELvZXDGYKwa7uWQzXCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptA8Cju____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CuIyWS22D8AFWKtVqvbjbVarYAFshwMRxP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=eidc_vA!ll142893-147_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
9906c5d5262c34aeb4d19a89e52f26cf5d98453430da40435751ec5e2be18b43

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:21:32 GMT
content-encoding
gzip
server
nginx
machineid
1452
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1CAB 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=2242596131201874&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.586.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&sid=606CB55B-8C10-425A-BC9A-9EFFAE7A1A1F&a3p=EhkKCnB1YmNpZC5vcmcY28ufoKQxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7Kn6CkMUgAUgIIZBIZCgp1aWRhcGkuY29tGN3Kn6CkMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2llbTg0VEZCVFZYRlNkRFpQUlZoTFdYZE5lRmhwZHowOUluMD0Y09CfoKQxSAASGwoMaWQ1LXN5bmMuY29tGJLNn6CkMUgAUgIIag..&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dlt=1693358481941&idt=3751&dt=1693358492310&cookie=ID%3D7933eb30c2d8f12e-22fb66285fde004b%3AT%3D1693358482%3ART%3D1693358484%3AS%3DALNI_MaKmPTSvWCNhW5fkMNvhKPcb8lyfg&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&scor=423941226810482&ged=ve4_td10_tt6_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1CAB 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=2242596131201874&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.586.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&sid=606CB55B-8C10-425A-BC9A-9EFFAE7A1A1F&a3p=EhkKCnB1YmNpZC5vcmcY28ufoKQxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7Kn6CkMUgAUgIIZBIZCgp1aWRhcGkuY29tGN3Kn6CkMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2llbTg0VEZCVFZYRlNkRFpQUlZoTFdYZE5lRmhwZHowOUluMD0Y09CfoKQxSAASGwoMaWQ1LXN5bmMuY29tGJLNn6CkMUgAUgIIag..&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzha-ji-hao-xiang-xiao-jie-jie-jian-bang-chu-xian-da-niu-tou-la-che-shou-bi-gei-wo-chi-la.html&dlt=1693358481941&idt=3751&dt=1693358493239&cookie=ID%3D7933eb30c2d8f12e-22fb66285fde004b%3AT%3D1693358482%3ART%3D1693358484%3AS%3DALNI_MaKmPTSvWCNhW5fkMNvhKPcb8lyfg&gpic=UID%3D00000c6b685d36ee%3AT%3D1693358482%3ART%3D1693358482%3AS%3DALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg&scor=3699967096845652&ged=ve4_td11_tt7_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:21:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 03F6 		539 B
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61559991&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6de48d9ab8b44f4074a91243db076597c2da4a8fd8ecdf9119a4ac6eac5a76e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 30 Aug 2023 01:21:33 GMT
content-length
539
content-type
text/html; charset=UTF-8
pub
matching.truffle.bid/sync/ Frame C71F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 30 Aug 2023 01:21:33 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
generic
match.adsrvr.org/track/cmf/ Frame 3D53
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6350637498
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6350637498
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 30 Aug 2023 01:21:33 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 30 Aug 2023 01:21:33 GMT
etag
RX7d39f28af76f4b31a862b1662b604886003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6350637498
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 3E72
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0197E0FE5B9F4CF0AF00A0E1A4D91CFE&gdpr=0&gdpr_consent=
1 B
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0197E0FE5B9F4CF0AF00A0E1A4D91CFE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 01:21:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 30 Aug 2023 01:21:33 GMT
expires
Tue, 29 Aug 2023 01:21:33 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0197E0FE5B9F4CF0AF00A0E1A4D91CFE&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame ED49 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=452BFA12-A165-423B-BCCD-1571C17A1756
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 30 Aug 2023 01:21:33 GMT
Expires
0
Pragma
no-cache
video11.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e73704bbd0941d669a4c0238d44584f3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7e38cbe0ad2a852a4403ab5f5decf0ad.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202108/d12f1ae3decd9b63913b5d85a608d348.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/68515ec66322ff7213d2211d7be9dd51.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/49d7ffcca0447ac2125f170263987b48.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a9e722e59ec9295d0adc6fb39370dbd8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/495555d2428b79a40e489efe7279a104.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/49e9ab5fce0e1d68f8fb499e437bd58c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/fbc286c40f2c992a40b9eacd900893ff.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/57e1babb29e7c7c22dc438040685037e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/badb929ee14f74aca12d00e1ebdadaf9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/54acf8d0ec7610a882f9553f3ee358a9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/ed72987824d4430cf333bcbf42a08c31.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/135a6bd58cb07064f57b9a5b7423d6b7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/793be6523e4df37e90bf12082c33c04c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/65293796112165134ea2dcd7eec25e7f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4b1ce36f07751feb3758c2736a32d890.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/153703999b11e267d01582983f204f06.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7f117596244adecc7ac888ca2b61b4fb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/5c7508a407c9df38a591d275ae4ecbb5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3b76f7d361fa6e0dece059401253afc3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8afa8d492b2c82dabb9c725826a18793.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/8eb5d70bd28e828e550542e779e6d848.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/71be8f26ba7c1022de3d9e1392998570.jpg?w=150&h=100&q=100
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHZVMhcE9EpC69TaxBr7mDk&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D%26ismms2s%3D1
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Domain
stream.unibotscdn.com
URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video11.ts

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| documentPictureInPicture object| _taboola object| adpushup object| ucfad_async object| unibots object| AMP object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| regeneratorRuntime function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| checkPlayerShouldRun function| runCMD function| unibotsLog function| unibotsCustomGA function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| unibotsPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck string| currentState object| adpGlobals object| googletag object| _apPbJs object| hbAnalytics object| adpTags number| ampAdSlotIdCounter function| _typeof object| TRC object| _tblConsole undefined| msg object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| ggeac object| google_tag_data object| google_js_reporting_queue object| Criteo function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| ucf object| request object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN string| paramsString function| quantserve function| __qc object| ezt object| _qoptions number| ampAdGoogleIfiCounter function| checkFrameandInitStartFun undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal number| ampAdPageCorrelator function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun object| pbjs object| ox_esp function| clientJsFunction object| s1 function| clarity object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo_identitytag_140 string| nam object| placementData object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| cmTag object| vttjs function| WebVTT function| videojs boolean| descriptionPage object| _cm_wfCounters string| lastWfUrl function| videojsContribAds object| listeningFors number| 3pla function| videojsPlaylist object| $jscomp object| canAutoplay function| videojsIma object| googDdmPs object| google_ad_modifications object| google_prev_clients object| dataLayer function| gtag function| startCMTagMain string| category object| google_tag_manager function| onYouTubeIframeAPIReady function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer function| isValidVideo string| myPlayerGabywa object| oldScript object| attr object| divWrapper function| focusFunc object| closure_lm_392230 function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| closure_lm_733302 object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| storageAni function| prepareAdRequest

209 Cookies

Domain/Path Name / Value
www.bg3.co/ Name: __AP_SESSION__
Value: a2e5edd2-012a-4124-a054-c41e66ba7afc
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: e5bcb92e-dfd8-454e-918d-b2c844e9c1c1
.omnitagjs.com/ Name: ayl_visitor
Value: b194e8a6da97957492dbdd42b6f58015
.prebid.a-mo.net/ Name: __amc
Value: 1_1693358482_1693358482
.teads.tv/ Name: tt_viewer
Value: e6e17813-321c-4684-b9b6-b35e6f4ab7ef
.rubiconproject.com/ Name: khaos
Value: LLX1X3HM-1Y-4NY6
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwkrO6pwY4AUABSAEQkrO6pwYYAA..
.adnxs.com/ Name: uuid2
Value: 4853856628407888645
.quantserve.com/ Name: mc
Value: 64ee9992-dc080-04519-02ba8
.bg3.co/ Name: __qca
Value: P0-569587477-1693358482724
.criteo.com/ Name: uid
Value: dd89d55d-5775-4cec-b567-a6a03ef96a28
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Db73bd692-320a-4686-aec1-646a0ae3e8fc-tuctbe81f12
.aralego.com/ Name: sspid
Value: 5f1c6df9-3061-33ea-998b-f4bd22e0570b
.openx.net/ Name: i
Value: ce8f0b3d-252a-46de-8e11-7298c0cc578b|1693358483
www.clarity.ms/ Name: CLID
Value: b71a5139aee5487a848dbc35e3a416e3.20230830.20240829
.aralego.com/ Name: euconsent-v2
Value:
.bg3.co/ Name: _clck
Value: 64362m|2|fel|0|1337
.bg3.co/ Name: cto_bundle
Value: 0VeYiV9MT0VTRjZYTktqNG5QZG9ZNVVmQW51enMzS3hJamJLVWRRJTJGVDY2eTR6S2ttRFNHTEtqMzN3MWlHTm1yYzh2dUNGN1hzaSUyRlNiSEclMkJ4WXpjY2xEZFZvTTVRY2p3TSUyRlpSZVAlMkJDdnF3U2VST1NwdWxKWnExaThpU2R2STF5VnB4SVk5dGtiZDcxMXdCTUw0OEFROHo0QW93JTNEJTNE
.bg3.co/ Name: __gpi
Value: UID=00000c6b685d36ee:T=1693358482:RT=1693358482:S=ALNI_MbYdvKrL1KgkOzIZXpFv_CoaGP_Rg
.doubleclick.net/ Name: IDE
Value: AHWqTUlmiiiPPCcxl6xXgjiiDD-2NwKwp1mvD98UgQqo5jdRUo0BJg2ihJU0XDl_
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7276866640929803979
.casalemedia.com/ Name: CMID
Value: ZO6Zk-k6rGJK08KKXgKetwAA
.casalemedia.com/ Name: CMPS
Value: 5275
.casalemedia.com/ Name: CMPRO
Value: 5275
ads.smartstream.tv/ Name: DID
Value: ae39be9ba178246f8eca2757e8d4fe6f
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBJSZ7mQCEI4yhviFZbWExnDgSQ9g8tcFEgEBAQHr72T4ZAAAAAAA_eMAAA&S=AQAAAlordG_yPFUuIoXd2eKkNak
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bg3.co/ Name: _clsk
Value: 8oclr1|1693358484163|1|1|q.clarity.ms/collect
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVIkuCgF!]tbPl1M>e)ZlrFUfJ+tGXxp.Sc[O$8fCZHQ1=ERZ8u8@ZOsp-[8.^Fb=bhu3If)y3KL9D3I?+`PHKGC
cm.adsafety.net/ Name: UID
Value: CM12023083001bd117f92a54c8565710
.adsafety.net/ Name: cm_uid
Value: CM12023083001bd117f92a54c8565710
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvcFRTb0E4MzNaWmxqMXRoRDNML1IwSmJ4eU05cndXc0VkRDRIeGpwcEJFYXJIbnVCVmtDR2lnMHhjbkRvcFVHUStSQzFQc0Jqc3JjRFhWeUQwbDNFMTZNRnAvWDBRWGMrb1JBaGlmN3hicm8ranBDN0xsRTNLMll6L1NYT01pTVlHZk0vV2xITDc5NXFGQXlrcGdvVTV4K2tPWXZJelBXUzF1dWt2MVJZNXlTc3hZdG9sazlKQmk3SFB0eVJwV1VTMWxuWGV5T1RyNjJtS3hDSm9rTDlURkErMTMwU1E2dU96b3UxeVRqKzdlNTVvOFdGYWtNYVZqa2JBTWFtMmY5bFAxN0RkWVp6WDBVNlRXVU5QWngxWUhPMEFXMEhDNWIvTGI0b3dWL3BkVDZmdFNEeWhJS1lPaHpkbWVxc3M3TjdRPT0%3D
.linkedin.com/ Name: bcookie
Value: "v=2&e21dc913-3472-40ee-8822-e0169bd9dce5"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTMzNTg0ODQ7MjswMjEL2vypSVTJ7PhbOIf+SYXweXvr3JTJclxAqJAI4btUuA==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2988:u=1:x=1:i=1693358484:t=1693444884:v=2:sig=AQGESSHz2BFhBMBxISo84YlDEFEB4cV3"
.amazon-adsystem.com/ Name: ad-id
Value: A28fKTTbNECZqPVDX67ewtI
.bg3.co/ Name: __gads
Value: ID=7933eb30c2d8f12e-22fb66285fde004b:T=1693358482:RT=1693358484:S=ALNI_MaKmPTSvWCNhW5fkMNvhKPcb8lyfg
.bg3.co/ Name: _ga
Value: GA1.1.1870201937.1693358483
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1693358484.1.0.1693358484.0.0.0
.sitescout.com/ Name: ssi
Value: e1cb4b80-20be-4cf9-bcf0-9be517fd01b6#1693358484512
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22B63FDA95-8A58-4B16-9507-E01E375AA322%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZO6ZlAAMXlM9EQA_
.w55c.net/ Name: wfivefivec
Value: HorYYnst1QB9TC5
.w55c.net/ Name: matchgoogle
Value: 5
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 587001ad279ea0eb
.bidswitch.net/ Name: tuuid
Value: fd9c6952-267e-4773-9dfd-6de7d3199520
.bidswitch.net/ Name: c
Value: 1693358484
.bidswitch.net/ Name: tuuid_lu
Value: 1693358485
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 7d78c60d7e4a5b5d9f3bbdf29696888b
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME8xt0g2M0gxTzVJNE0yTbFMM05KSkkzsjSzNLOwsEhiAIKUdzOngmgoAABsCwuz"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIeTdzKpCCAgAfMwKB"
.simpli.fi/ Name: suid
Value: 0197E0FE5B9F4CF0AF00A0E1A4D91CFE
.adfarm1.adition.com/ Name: UserID1
Value: 7272919313479891102
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1693358485.1.0.1693358485.0.0.0
.tapad.com/ Name: TapAd_TS
Value: 1693358485211
.tapad.com/ Name: TapAd_DID
Value: 68fecba9-1e3a-44af-ae29-eb23b38d3712
pool.admedo.com/ Name: tuuid
Value: 315151df-e50b-4aba-83b5-43d5bbe4c04b
pool.admedo.com/ Name: c
Value: 1693358485
pool.admedo.com/ Name: tuuid_lu
Value: 1693358485
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.awin1.com/ Name: awpv18851
Value: 412871|1693358485|89bf3f40-46d3-11ee-9f65-22389f6b057d
.awin1.com/ Name: awpv11467
Value: 412871|1693358485|89c580d0-46d3-11ee-b5a9-2261897cac57
www.conrad.ch/ Name: HTLP_timestamp
Value: 1693358486256
www.conrad.ch/ Name: CEAffHA
Value: AW
.www.conrad.ch/ Name: __cf_bm
Value: rq2dSdDuruVf4pddbItRlJn5vol0w0pevqyVGnVD9.M-1693358486-0-AV4pcfyUyviBP7vdUrqGW5ujSP1A933eqFFFhI2XOgov0bUk36Y0QsCiR0uqH4uEZ4q4aH8f2vqrEpX6lJms3b8=
.openx.net/ Name: pd
Value: v2|1693358483.3|iyvQvNgun0.j8gqwksLmOge
.mathtag.com/ Name: mt_mop
Value: 4:1693358487
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-08-30T01%3A21%3A26%22%7D
.creativecdn.com/ Name: u
Value: gYY10mNslvInZx0lhCEs
.creativecdn.com/ Name: ts
Value: 1693358486
.awin1.com/ Name: awpv14702
Value: 412871|1693358486|8a505bb0-46d3-11ee-8c55-226543793aa5
.awin1.com/ Name: AWSESS
Value: 365825:2531885
.lijit.com/ Name: ljt_reader
Value: HPBxtRZHIDXCHu_cRruJxKnT
.minutemedia-prebid.com/ Name: wrvUserID
Value: MraIUYM-kp_mm
.servenobid.com/ Name: pid_312
Value: 4853856628407888645
.servenobid.com/ Name: pid_337
Value: y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
.servenobid.com/ Name: pid_339
Value: y-fKgya1xE2uHX5gsbQ62fTRwhaaJVK4h2GWhUeTw-~A
.gumgum.com/ Name: vst
Value: e_d50d3990-135f-4223-9df7-303347650d3d
.admixer.net/ Name: am-uid
Value: 83223b3d94594f1292edf253045c7afd
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrE0MzMxNbOwNBbiM9R1yUs1MA-vDMx1Ms8HAOf-zRglAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrE0MzMxNbOwNBbiM9R1yUs1MA-vDMx1Ms8HAOf-zRglAAAA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.turn.com/ Name: uid
Value: 3630025452598104057
.smartadserver.com/ Name: pid
Value: 1423789398647959843
.servenobid.com/ Name: pid_333
Value: ZO6Zk_k6rGJK08KKXgKetwAAFJsAAAIB
.3lift.com/ Name: tluid
Value: 1022224445056970700251
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.servenobid.com/ Name: pid_324
Value: 5142336724966456893
.servenobid.com/ Name: pid_348
Value: MraIUYM-kp_mm
.brand-display.com/ Name: _knxq_
Value: 81e6062d-beb8-ecd6-9bbe4b9c.1693358486.0.1693358486.1693358486
.yellowblue.io/ Name: wrvUserID
Value: FFaUUDM-Cp_s
.servenobid.com/ Name: pid_309
Value: e_d50d3990-135f-4223-9df7-303347650d3d
.servenobid.com/ Name: pid_310
Value: HPBxtRZHIDXCHu_cRruJxKnT
.servenobid.com/ Name: pid_317
Value: 1423789398647959843
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-5e23333f-ebe6-35a1-aa82-3cb42190cc12
.go.sonobi.com/ Name: __uis
Value: 59bdb483-cf2b-461e-b031-e5e10ecc29dc
.go.sonobi.com/ Name: HAPLB8G
Value: s86226|ZO6Zm
.admanmedia.com/ Name: admtr
Value: 4c628fb3-b9fc-443e-af94-33892914ad6c
.aniview.com/ Name: aniC
Value: 1693358486888-945078940339-001601-011-001831
.sportradarserving.com/ Name: zuuid
Value: d9985359-ad17-446e-ab5e-a0d38c866935
.sportradarserving.com/ Name: c
Value: 1693358487
.sportradarserving.com/ Name: zuuid_lu
Value: 1693358487
.servenobid.com/ Name: pid_353
Value: 0000EEA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 452BFA12-A165-423B-BCCD-1571C17A1756
.company-target.com/ Name: tuuid
Value: c9fccd07-dd99-47a7-8d8b-5922dbe35aa3
.company-target.com/ Name: tuuid_lu
Value: 1693358487|ix:0
.metadsp.co.uk/ Name: ruuid
Value: 03cbe419-5a10-4f08-a3f1-4e1e40391e96
.metadsp.co.uk/ Name: c
Value: 1693358487
.metadsp.co.uk/ Name: ruuid_lu
Value: 1693358487
.contextweb.com/ Name: V
Value: ZtbkD4oV96sj
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7aca625beb9d387a
.smaato.net/ Name: SCM
Value: 41f9cab5d4
.smaato.net/ Name: SCMsas
Value: 41f9cab5d4
.360yield.com/ Name: tuuid
Value: d6655485-fa8d-4675-9833-12b7fb188aa2
.360yield.com/ Name: tuuid_lu
Value: 1693358487
.servenobid.com/ Name: pid_332
Value: 59bdb483-cf2b-461e-b031-e5e10ecc29dc
.servenobid.com/ Name: pid_328
Value: 4c628fb3-b9fc-443e-af94-33892914ad6c
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1693358487
.servenobid.com/ Name: pid_352
Value: FFaUUDM-Cp_s
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7d39f28a-f76f-4b31-a862-b1662b604886-003%22%2C%22zdxidn%22%3A%222069.66%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7d39f28a-f76f-4b31-a862-b1662b604886-003%22%7D
.quantserve.com/ Name: d
Value: ECoBGwHqKYEO-TCJiTCuu4EA
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2dmp:18yl~2dmp:198o~2dmp:18z8~2dmp"
.servenobid.com/ Name: pid_316
Value: 452BFA12-A165-423B-BCCD-1571C17A1756
.servenobid.com/ Name: pid_321
Value: RX-7d39f28a-f76f-4b31-a862-b1662b604886-003
.weborama.fr/ Name: AFFICHE_W
Value: 2Hb3Rs6ns4LY15
.rqtrk.eu/ Name: browser_id
Value: 1:71f772c9-a3d5-4cfb-a18b-631c9439b98f
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5MzM1ODQ4N3ZsZWExZGUyMDIzMDgzMDAzMjEyNzg4NDAzMzAxOTUzWDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRRTUdINGZqZkQxR1ZmeEg1SFl0R3RaWldTNlM0VEc2ZFRSQjdib25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyOF9XRUJHQUlOU01PU1RMWTExNzY3OQ
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023083003212788403301953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5MzM1ODQ4N3ZsZWExZGUyMDIzMDgzMDAzMjEyNzg4NDAzMzAxOTUzWDExNzY3OVYxMjI2MTMyNzAyT
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-g2DuLoxtsnmYMOh7jWSme4FhunKYZLkp1Gyew_t2&KRTB&19420-g2DuLoxtsnmYMOh7jWSme4FhunKYZLkp1Gyew_t2&KRTB&22979-g2DuLoxtsnmYMOh7jWSme4FhunKYZLkp1Gyew_t2&KRTB&23403-g2DuLoxtsnmYMOh7jWSme4FhunKYZLkp1Gyew_t2
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBpgsDTDQGcMQ07rMr-L2SQ&KRTB&23025-CAESEBpgsDTDQGcMQ07rMr-L2SQ&KRTB&23386-CAESEBpgsDTDQGcMQ07rMr-L2SQ
.outbrain.com/ Name: obuid
Value: a21e8ffe-c749-466b-af2d-11e98559daf1
.ipredictive.com/ Name: cu
Value: 18a86487-cb20-4b9c-96c6-7f1a42396f8a|1693358487384
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB34gQDmS319CbVTIkcAJPBTYJ/t7Cax7f2mWzqzko0aSVyGt12SOnWCc7rCz2U4vJ0hVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-94e41786-cd1c-5cdc-78a6-d1239c7086bd.7WcFuzvhVa1%2FqUQeqJjPqGdNFby69MJ1%2B0YkHmpIFs4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-94e41786-cd1c-5cdc-78a6-d1239c7086bd.7WcFuzvhVa1%2FqUQeqJjPqGdNFby69MJ1%2B0YkHmpIFs4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AlOQXhs0cXNx4ptEjnHCGvbAKa-4.nBLyQ7g0fGImxubdazdE2bpFMe9VBgCJY5XZeYSIwoI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AlOQXhs0cXNx4ptEjnHCGvbAKa-4.nBLyQ7g0fGImxubdazdE2bpFMe9VBgCJY5XZeYSIwoI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICEyARdNMHiikCA-0L6gruxW_4VNqAI2gvK4j6aXtITGEHwYBCCXs7qnBjABOgTwi70wQgQ0wyvL.4On3FJiS0bke2xLzOEe%2BtoV%2B%2ByI%2BgPRCXSe2vc2pjRU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICEyARdNMHiikCA-0L6gruxW_4VNqAI2gvK4j6aXtITGEHwYBCCXs7qnBjABOgTwi70wQgQ0wyvL.4On3FJiS0bke2xLzOEe%2BtoV%2B%2ByI%2BgPRCXSe2vc2pjRU
.zemanta.com/ Name: zuid
Value: fraC2Db-pFpi0kttCvnU
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7276866640929803979&KRTB&23263-7276866640929803979&KRTB&23481-7276866640929803979
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-fd9c6952-267e-4773-9dfd-6de7d3199520
ads.avct.cloud/ Name: uuid
Value: f6452273-e691-43e2-ad05-62a81736963e
.servenobid.com/ Name: pid_323
Value: LLX1X3HM-1Y-4NY6
.dotomi.com/ Name: DotomiTest
Value: 986429cc1de241c
.richaudience.com/ Name: pdid
Value: da676ce7-b808-40a0-a418-1zz1693358481
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAM4xNTwKqzDQNwLBRfAAAAAAA&KRTB&22713-AAAM4xNTwKqzDQNwLBRfAAAAAAA&KRTB&22715-AAAM4xNTwKqzDQNwLBRfAAAAAAA&KRTB&23519-AAAM4xNTwKqzDQNwLBRfAAAAAAA
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.us.ck-ie.com/ Name: CID
Value: c45d14b509f4928aec99a090151a6999fa1034bb
.bluekai.com/ Name: bku
Value: ikG99JKjfZu2omAJ
.bluekai.com/ Name: bkpa
Value: KJhz0X+03M9R9mY7iErXd9iKeUBsYKcuOaxYxES5zs7n3JHJGMw6bEF55BcNB22vebj4Qqljd4Ld5BbqAMfQhog/Bv0FhFMwLPiGFCrD2tc1oJs2H69xAsSM8fa54FPlmH38qedFY1Ce26gwRTr9Bn5c48De9+nvtbtHf4U7tSHeBATwW1PqpvmT0ktczkqVDKMuMnW3pO0S1QzWD/8EHdph7ximaaQozkqEY6rn6n58h9oUdnbWHIhXiRJMzQg3QAwBz6RmweCM78uUQsNhWCfvv7jX7BDPKDkTZSUcSgdkuPS4HmQZECi/csiXKmXZ8S6Ued6b3KWot27qVJqNwxY8yaTd
.richaudience.com/ Name: avcid-sma-uid
Value: 1423789398647959843
.audrte.com/ Name: arcki2
Value: 125Sd20awOKQ9CsZXmwYBgTZQ!20220908!1693358487661!ip#176.10.107.238
.audrte.com/ Name: arcki2_pubmatic
Value: 452BFA12-A165-423B-BCCD-1571C17A1756!20220908!1693358487664
.smilewanted.com/ Name: sw_user_params_infos
Value: iad5mwx4DOjT3n2%2FOY7iOARyixW68tUDo3A61xcnij556Bams9Qexbdx2H7WvKOAAS5GhAcsIOqgzfJ%2FptZ6iqpKjaRoIoAIgEtXYNHh4i7AGSuPBXgZJcnZGbcaHEiGCxmRYLcoy%2BWppqHiW4HWq05o5y3A6%2BdCM9ysXAGOUK5BnXMoFq2ssTDhdGfZNmvaF3KTGzoWyqW6NCRBWtR5%2F2uxsnVcU7q2w8RUoM6X%2B%2FV0HuMXnSu5OpsLc4NK1zy1h60%2FSFgEXGgtnarUfT42ExJ1uYNAiU5C7KfjR7%2FYlgbmBEMmM8lHCfe%2FLLX8vhbeYU6cXZBRDS4cR8Fg23mJnO9OfYX3zM8FEeQZF46KHq9jgnX57oOwTQpxgpXZJ510
.audrte.com/ Name: arcki2_ddp2
Value: 125Sd20awOKQ9CsZXmwYBgTZQ!20220908!1693358487821
.aniview.com/ Name: 1_C_105
Value:
sync.aniview.com/ Name: 1_C_105
Value:
.audrte.com/ Name: arcki2_adform
Value: 7276866640929803979!20220908!1693358487979
.pubmatic.com/ Name: SPugT
Value: 1693358488
.socdm.com/ Name: SOC
Value: ZO6Zl8Co5ssAAHoOgbMAAAAA
.pubmatic.com/ Name: DPSync3
Value: 1694563200%3A197_201_245_241_235_227_226_219
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: pi
Value: 162412:4
.pubmatic.com/ Name: SyncRTB3
Value: 1694563200%3A22_81_21_176_254_204_46_13_56_54_3_166_234_214_238_251_220_249_88_233_71_161_8_264_55_165%7C1693958400%3A15_223_2%7C1694649600%3A35%7C1695945600%3A203%7C1694217600%3A63
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlsbGphYmlgZGh8ShzOtzCzsDAAAB5G--ogAAAA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4853856628407888645&KRTB&23339-4853856628407888645
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7272919313479891102&KRTB&23369-7272919313479891102
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5142336724966456893
.pubmatic.com/ Name: PugT
Value: 1693358490
.bidr.io/ Name: bito
Value: AACWc07J3TMAACV-AnxsBQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.onaudience.com/ Name: cookie
Value: 0991025d5c421830
.onaudience.com/ Name: done_redirects147
Value: 1
.adx.opera.com/ Name: UID
Value: OPUc02c09529f8c4753bd0a8a2df37cd09a
.zeotap.com/ Name: zc
Value: 07b6b6cc-fb41-4b44-50f9-eb90c6c5696c
.ctnsnet.com/ Name: cid_bee58f3f75444825a84716de255eb598
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 2a77e1b8-abaf-4cdf-a216-d9de91313262.462572490
ads.playground.xyz/ Name: connect.sid
Value: s%3ABnO1JNluhBoVqlqSA540avlLVoBQ84a8.whIlG00sJyG%2BTCEAEkwfXABQHk9ldEw1or2oVxMzTf8
.csync.loopme.me/ Name: viewer_token
Value: 813030d1-758c-44cc-8439-3b0a260628da
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-lOQXhs0cXNx4ptEjnHCGvbAKa-4&KRTB&23334-lOQXhs0cXNx4ptEjnHCGvbAKa-4&KRTB&23417-lOQXhs0cXNx4ptEjnHCGvbAKa-4&KRTB&23426-lOQXhs0cXNx4ptEjnHCGvbAKa-4
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUc02c09529f8c4753bd0a8a2df37cd09a&KRTB&23485-OPUc02c09529f8c4753bd0a8a2df37cd09a
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5MzM1ODQ5MDMxNCwiMjQiOjE2OTMzNTg0ODQ2NjksIjM5IjoxNjkzMzU4NDg0NjY5LCI3IjoxNjkzMzU4NDg0NjY5fQ
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348&KRTB&23418-e1cb4b80-20be-4cf9-bcf0-9be517fd01b6-64ee9994-4348
.de17a.com/ Name: guid
Value: 1.8996300839723427136
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3630025452598104057&KRTB&23150-3630025452598104057
.smartadserver.com/ Name: csync
Value: 76:CAESEGyxegA6P5m0Z4E4o7eIpOQ|127:AACWc07J3TMAACV-AnxsBQ|133:41f9cab5d4|139:0
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8996300839723427136
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-452BFA12-A165-423B-BCCD-1571C17A1756&KRTB&23413-452BFA12-A165-423B-BCCD-1571C17A1756&KRTB&23479-452BFA12-A165-423B-BCCD-1571C17A1756&KRTB&23505-452BFA12-A165-423B-BCCD-1571C17A1756
.semasio.net/ Name: SEUNCY
Value: EEEFF0703259943D
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1mkk|7dN.0.AACWc07J3TMAACV-AnxsBQ|8nK.0.1
.tribalfusion.com/ Name: ANON_ID
Value: a6nwYSMZaAC7pqGpS6Zdsb17ULTL1VjJdXUsF2QhyHU4LcZbVYgs7PqsCeyZb1XbLg0cZaKWQeosG22Hk4ZdtYQNtqOxQ4TfZadMX1WTePQZdfBYrb1ZdZddYfC0YxBiXBoUgA
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-39puKE4JaRRbaXVQVjWXbSYa
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACWc07J3TMAACV-AnxsBQ
.gammaplatform.com/ Name: _aGeoIp
Value: JP|Yamagata
.gammaplatform.com/ Name: _aUID
Value: juuxb1tts5qe
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-juuxb1tts5qe&KRTB&23446-juuxb1tts5qe&KRTB&23465-juuxb1tts5qe

38 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/495555d2428b79a40e489efe7279a104.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/fbc286c40f2c992a40b9eacd900893ff.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/49e9ab5fce0e1d68f8fb499e437bd58c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/57e1babb29e7c7c22dc438040685037e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a9e722e59ec9295d0adc6fb39370dbd8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/e73704bbd0941d669a4c0238d44584f3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/49d7ffcca0447ac2125f170263987b48.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7e38cbe0ad2a852a4403ab5f5decf0ad.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202108/d12f1ae3decd9b63913b5d85a608d348.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/badb929ee14f74aca12d00e1ebdadaf9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/135a6bd58cb07064f57b9a5b7423d6b7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/ed72987824d4430cf333bcbf42a08c31.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4b1ce36f07751feb3758c2736a32d890.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/65293796112165134ea2dcd7eec25e7f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/793be6523e4df37e90bf12082c33c04c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/54acf8d0ec7610a882f9553f3ee358a9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7f117596244adecc7ac888ca2b61b4fb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/153703999b11e267d01582983f204f06.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3b76f7d361fa6e0dece059401253afc3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8afa8d492b2c82dabb9c725826a18793.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/5c7508a407c9df38a591d275ae4ecbb5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/8eb5d70bd28e828e550542e779e6d848.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/71be8f26ba7c1022de3d9e1392998570.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/68515ec66322ff7213d2211d7be9dd51.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvemhhLWppLWhhby14aWFuZy14aWFvLWppZS1qaWUtamlhbi1iYW5nLWNodS14aWFuLWRhLW5pdS10b3UtbGEtY2hlLXNob3UtYmktZ2VpLXdvLWNoaS1sYS5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHZVMhcE9EpC69TaxBr7mDk&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://track.webgains.com/link.html?wglinkid=3400961&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmf44w5z7d69n3rezxrwmc8ae67bg2keyg7dpsf01knfk21kcnxy6tk86znq71n6dd65bnhtn7e5n690zyzt7mvrr8des60spvzkm59mx8zgetpwqw6ae8ksgjdzqdky8fsqpmn2gfdzqpp9emayjfstkz2kx74bk7jw0rh8cqwp78rr2b6nex19hzv0dqtjnn5t3h9f7yd90hz74xdp28jnvm4jkk2kabtb35rx4tabsxz4dqrqeg726vq4xgs%26a%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%25253Fsa%25253DL%252526ai%25253DCvlVLkpnuZJaAJ4TWzQa_lLe4CsT-wtJoz8bNpokL-y4QASC35YQhYPUFyAEJqQLsn1KfTUOyPqgDAcgDmwSqBLsBT9BES3PNq3zfodlYgprHk1eshnBqMHYOR_AOKaizcYPe6Fjd752RSrA7vYHpPLzFOfepnD_o0cIjbr0BdbmbydHhyYUjKzH8xLhoa-M1JAi7Zq-1nBB2xqBZjdRxTHMt34ogwTerZ0Q4Jsesm3kvszzB4vZrGK-aI8v-qDLxkpG80UmP4Ttbx9JTv-p_tlqPsOupEcpZqWKD4UyktGT2NchRc7tZe_q96fROObl2sTguKa0apq7LHXBzZcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItNjkzNjU2gAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%252526ae%25253D1%252526gclid%25253DEAIaIQobChMIlpHX9puDgQMVBGvTCh0_yg2nEAEYASAAEgLI9_D_BwE%252526num%25253D1%252526cid%25253DCAQSMgBpAlJWNG_qTrAtvCJjztkYbftH3M6gjLYPRWU0LbiS55VhbSH4EtNnTnSRxZ4GTawnGAE%252526sig%25253DAOD64_0Bbfbnw1EZp66OQ927DNiZM__LBg%252526client%25253Dca-pub-5722610347565274%252526dbm_c%25253DAKAmf-A637oTepq_rAQfumDYC5lWfPEqfu-A0b8mgAO218AS0qEZco4JUAUkc0-Cfk3-VaE8zceL2ymLS9YuBUjHVP-oqjh0eOje0dg_lT2NlzQzxi2fHwNSF1LnbO0u5-AGTneeScTjS7bpazYwQ7K9HSrmDBJxzT4sw7SVHjFDHOrvzZIrYyc%252526cry%25253D1%252526dbm_d%25253DAKAmf-Dn1OaWIurmIg-iyp5FYiUKRVQbt4To3nQzHxyg-_MY98AmUvBrQrlD3X_niGFX3OHVnNNVXzDyxzImiZvm_R_OLQedaTk75rFbFUIwE6UszzJfMmwcjICMr2wjbj_0D4sCGTtu4Bsma4grIjdiDrcnLnEK0FtTZaFuMiEwEIOidI1RbV984yIsglcmDB7KN_x1kvhMImLREguHQmmPWlqqZyJ5J00wTqWcncaBuabhHE0YAGK_ObiTwlbIonK8aQX5symfEoC8ToUuDovtwwokeIMVAxcjs4UsTKK_OrfBqaWLmNyc0_5rnbY4wQsNNiwZ4eYMbd6mtZi4YQr4jqUlrq8pUJMhu5BhZpnFAqptR2k1KXRl5NbfVLj6Z2f47j9hxs8APNASYJXWrm0KcyT7gzru5kgx6qDptgfwdnvI2-jGxs4otOaaR4f-YyAAROwSnyq2F9GFHCyXKhAjhv0MDZvU2CHW9H583Aed2tDG46ywJK7SZHY83PGJqLMLSVnLgldYxwo-o2zdYeHDB8jgqKBR3XMdSav_TIiEOee4Std3ql5w0ZiKiQYCSsmTFzrSqjRq-_C4ux-HMO8VuVXsatD2R5Tad7Wla1kqUxsudtLoPrzhVRJAL3xgQ87bTsJ7XIGv%252526adurl%25253D&clickref=oneidJBWFzfmY3qa3geWcBH6H7tqCER2CXTgT4WtXoneid__dbm_Awin_Reach02&viewref=oneidprMH1fDARpF9rkZukH4HmtztxZ3UgTRT8XaEoneid__dbm_Awin_Reach02
Message:
Failed to load resource: the server responded with a status of 429 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hf1znambe6r8p8ab2znk8j38jhpxmv5x72te35r178zhzb56sk0874fyz0vk539ajas7gat8b2xcem7cxk2jnjazvhey7g4whyq15ztxhe9z4e9bf09tt25g79tyn8pm2457528nk77pwky96d54086ncbpmb6q0w1bya4pm2mvhta7cwfnxjgxbg0kyajj2df0tczkn1th7xrbp9gxcrw6m3m3ddnqqajv36fes43y7mya4f6vzx9j233v79wd6j90%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ha4bhw9snhz3wkk3wv0bqarr0t75t888pmczsakbm264y8z620p51sh14czrm2w8c34s8ng5pxs726nvtgk2e190mvty7d2m9z69ctw9dje4p3sej4dcx1m3m20p0qg7ptmrb42azhepf0g6z7nht3gga47v22aebhbnv8m94dbt7q0v2nhvtv8h2h7te3yyx4k1xrweteegg1jwyf7mw2ck2qdjvk2v5rn9sw7sxs6z7tx9qnawj5csfjge16d0p2h5kvwer82702fh382j42dkg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvUu2k5nuZIaoM5XaZObpi4ABkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQLsn1KfTUOyPqgDAcgDAqoElgJP0JJgm0PRT1m45zrJyKVp9NGWTYionuaNhjYs2ot-AgFbX4XDSpMxwI8wn7oV4tZzE3N-1FWuOLFHcPq8HtlvrlWQGYFFQoR4PGSKCJmMwL-KwXfHeCxkVWRhUaXAc--KQ12ptS5i10Rbzr1-FXqzpoiyqDtGn3HJKT9F42LD0Cq_OVd_ZuzhC9k3sSos634T97Lcsebc4AtKCT_IBYnm30tHK_kaq4-J03ukWCHUklgcl-_bvP9Jtz0HDKhwTTFwsAlRK1bzLH5gLNh3iOBl3afNxZ1gVwNlfkQ4GJwUMr3drsj8Dfd2jnidmawa6XZtPQsrUPglQMxY5iqWfonWbXLWIz7zOCJ6ypedVFa_8s6g0k7qdYAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0wlaYbxeks7XFQ0NQCaTCqoq2Q-A%252526client%25253Dca-pub-3216231935713038%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0ea866kdiceebhhi98ldd7cecg7eeefigiaabackkc2jl
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/?sentry_key=a4be36df873c4aa4905baa71ec95ed62&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://o4504469071069184.ingest.sentry.io/api/4504469072117760/envelope/?sentry_key=a4be36df873c4aa4905baa71ec95ed62&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.64.0
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a5129.casalemedia.com
a988d8e92c02044dc6e85070af069dd5.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.smartstream.tv
ads.stickyadstv.com
ads.travelaudience.com
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bddc6028702850c1fb546343868fa55d.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
casale-match.dotomi.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.minutemedia-prebid.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d-32056384452617586320.ampproject.net
d.adroll.com
d5p.de17a.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fb26f81e5db681b95c287f938c88a985.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gov.aniview.com
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hal90002.redintelligence.net
hal900027.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id5-sync.com
ids.ad.gt
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
newsbot.unibots.in
o4504469071069184.ingest.sentry.io
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
player.privateserving.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
q.clarity.ms
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servedby.grouprvn.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static-de.ad4mat.net
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.aniview.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
track1.aniview.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vast.aniview.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
ws.rqtrk.eu
www.awin1.com
www.bg3.co
www.clarity.ms
www.conrad.ch
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
ads.betweendigital.com
static.bg3.co
stream.unibotscdn.com
sync.search.spotxchange.com
103.231.174.251
104.18.38.76
104.18.39.155
104.75.89.75
13.32.99.85
138.201.63.145
141.226.224.32
141.226.228.48
141.94.170.77
141.95.171.141
141.95.32.72
142.250.184.198
142.250.186.162
145.40.97.66
146.59.148.16
151.101.129.44
151.101.193.44
151.101.66.49
157.90.211.246
162.19.138.118
162.210.196.208
162.55.120.196
167.233.13.224
167.235.184.171
169.197.150.8
172.105.43.230
172.64.148.101
172.64.149.180
172.67.10.198
176.34.208.209
178.250.7.11
178.250.7.13
18.184.69.99
18.192.134.194
18.200.64.186
184.30.16.183
185.106.33.48
185.184.8.90
185.255.84.151
185.255.84.152
185.29.132.241
185.64.190.80
185.64.190.81
185.64.191.210
185.80.39.216
185.86.139.104
193.0.160.130
193.135.9.127
195.5.165.20
198.47.127.18
198.47.127.19
2.16.238.158
2.18.160.23
2.23.197.190
20.231.53.73
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
202.241.208.53
208.93.169.131
213.155.156.166
216.52.2.48
216.52.2.91
23.218.210.30
23.32.184.192
23.56.202.187
23.97.225.52
2400:52e0:1e00::1077:1
2400:52e0:1e00::722:1
2600:1901:0:76b9::
2600:1f18:24e6:b901:5b57:3cdc:ce57:409f
2600:9000:211e:fa00:1b:5138:8a40:93a1
2600:9000:223c:ba00:6:44e3:f8c0:93a1
2600:9000:223f:5800:1f:4c18:bd40:93a1
2600:9000:2250:d200:a:e047:753:6381
2602:803:c004:200::140
2606:4700:10::6816:1857
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:20::681a:71b
2606:4700:20::ac43:47fe
2606:4700:20::ac43:4a81
2606:4700::6810:5914
2606:4700::6812:18ad
2606:4700::6812:bbe0
2606:4700:e0::ac40:6719
2606:4700:e0::ac40:6d11
2606:4700:e4::ac40:a923
2607:f8b0:4006:807::2003
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2620:1ec:bdf::45
2a00:1450:4001:806::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c0b::9c
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:26f0:3500:12::1730:179c
2a02:26f0:3500:12::1730:17a5
2a02:26f0:3500:58c::2c79
2a02:fa8:8806:12::1400
2a05:d018:cc3:fe05:68a7:929a:9ab1:3195
2a05:d018:d29:3602:2dd:853d:91ea:688e
3.122.68.240
3.213.106.164
3.221.13.170
3.224.91.154
3.71.149.231
3.73.109.228
3.74.29.98
3.9.22.61
34.102.146.192
34.102.163.6
34.102.253.54
34.107.148.139
34.111.113.62
34.111.129.221
34.120.107.143
34.120.195.249
34.160.19.107
34.199.0.42
34.225.251.53
34.253.165.174
34.91.62.186
34.96.71.22
35.158.222.16
35.186.154.107
35.186.193.173
35.190.0.66
35.210.239.72
35.210.53.219
35.214.159.146
35.227.252.103
35.244.159.8
37.157.2.234
37.157.6.254
37.252.171.52
44.194.237.52
44.209.220.96
46.228.174.117
46.4.10.47
51.89.9.252
52.0.248.85
52.210.15.1
52.210.70.148
52.211.254.183
52.223.40.198
52.46.151.131
52.51.131.236
54.158.197.157
54.229.162.154
54.247.40.125
54.36.108.3
64.202.112.223
64.227.64.62
67.220.228.201
69.16.175.10
69.166.1.35
69.173.144.137
69.173.144.139
69.173.144.165
70.42.32.127
72.251.241.196
76.223.111.18
77.243.51.122
77.245.57.72
78.46.111.106
8.2.108.175
8.2.110.24
8.43.72.97
80.77.87.166
81.17.55.108
82.145.213.8
84.200.5.215
85.114.159.93
85.91.45.43
88.99.219.174
89.163.240.121
92.123.148.9
95.101.148.20
95.101.149.35
98.98.134.242
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02070959aebb82ec9bd95b483fc69fc16e248a67fe816cc43b0f421e54ddc67b
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
03293e996cb7e1e98e2d39f5b5add0bdcd77fdb8d4ea63339e652fa2008afbde
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
050ec4d92c5b1d288dca8a55a237020fd146e01868b332e0b0e9daa490d79868
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9bd9b5591994cc9ee339949b213d6b636909d874601730b81674da5701f597
0baa94216c66d3a4bdc270836e0a2f467deb4c429100b83a16fce4100a67cac3
0c19ceb9e644432030306134ea0de541336c4e1698356fab363bf803e2583990
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0e737ec8770445ca53b2096192c7f10c94a69d144fab767d02854d572fb04298
0fe50eb5ac253bf73a6d41ee2da36981e534b7c263026037c7966083a7f9f207
10bd7a4efca8b85f4a2e4b1a7df190893da804abd93321d7b0500e7877488acd
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
16466ab14fa67cadb9fe1240eb6d3ee8c287a0ddcf4c2cf81eb77ba4bc9ebcf7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19ca7fd01ac3b9345ac5d2d90e34cea22ddf2d5d8756ba3b054d96726db22405
1a0027db491484e4e9f20788aea67151d17e15580c715638b8f2e378c8f72fc3
1a2db5812f1e88abda4a5c9b7d626aac4987ab46525d25057200c160ae1450d5
1b551b5aad16d9d87d629d82d84f5fe7e03179f8a2e924fef9fed5878e415329
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c2c94f60fa3f03bde04bec658114dbca00259bcb8ab5a4c32205d1296e726f4
1cb229a9f92a061a214282ab703c8059dbe14cc53a51b4e28b0259dffb8f70f1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281
1e34222b88bb8dd60c1200d0422c58749ca77f9bd11f914adfa547112b594a0a
1ea777d335b848ca3e04313fa53fffc5b226802fef61a4d2f19c111abb81a6b2
1f04748c6c1022211f2715efee19aea61fbe787df16e5743e943ac47fd1fe040
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2065412e0b91ea085f9b2597266803254481eace292da79d7b12b0eb2cac06be
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
206a5816dd0a975ad8ca8307a017de9757f4d5e4eb039c26d47c3390e7cc845c
21a77a399af3c81d3dbff214b8ddb131ebd90baec28b02d3781116ae7afbd682
223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961
2367fafbf4a3a3182e6ca0c4b1a76b3fe078e5f80bc34e9d62f19f999fd5e0ba
250b791fe66012163be6d435c2521821d4d00d7da87210030c69abc8eaf29027
25d2d2d08f72ff6fb277f8a16ccf6204380e718197aa5ab8fe91c82222698aab
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28d1764b929a95aad8c00aa782bf66c9ab265c40e5ff9ff6fc4226f0af7a94a1
28e0d25399aa9272b6476a5ded5ac8ffc339c2021b68bc82a71b4468faa9b655
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b07978825469958bbbfb05b0a5f8380b29f43751340910278d0e85645e8d413
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d1d38e921b2af298d6913929f27f091a9e80788ececa370657e2bae396c0e6b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf
300019961046bc99d7943010b6858e421085dc333b375ffc7014ca6f97bb9e2a
302be377185f1d9c660dad950516501936a7910aa304bcfe5b685fcda6f02dec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32eae5ac37a6fa422532679db09a5ba09e1fb0559d191208ff1babbc1be1fe7a
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc
355eb73ef3ddead38f9ac663bb3cde3cf51a4dfb446937f5aca3e716c3c99e73
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36d1268298a6da877a354aa0afefa709bc3c35e373d547d04ea67943b6aba853
373fc6175258e52c18ccb9668048ea2dd607192fd3eba02eab05b2ecb8725291
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3836ee0615887017d2a7c33c1e11ae18790475d24df2a920d3aa3ece704114ed
387693ae9129954676f66cc2f2d2352e94457c2ff461f778551af1594585d90c
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
38d7e0d472ff66c5513cd8c722327a7bc13018694b598e4b373bb34dcd3844e8
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b21494e0b9fbdb189c3d293c079eb568bb7a99a49e7d054e2990ff169624772
3b5b78f1ac222305bed0580fe20b7a706b0203728a21ecaea79a8e9e3c0b012c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3efc9b7ed428975553d8f0afde42fd1ae55ccb873929d727dc3bb4d81f083fe8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407649409da84d21705ad1e3a847c527e7a76f0cb3086f5c65cfc9b4e8326755
414b99d0b12ace50c7f9564dc1312dc8dd402eee7f4e21a09c8eb985bae52e80
41690e2aa8566f9729efe22abb783d94d0c4e6360230ae933941ade592d7d8e0
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
43d46ca8ec37f3df134d8374fe75a94d8eed05f56a09c94ce4fbf81e425f18a4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44202c00bace1a774f810cb4579aae69aa15200bce4e79708c4428c1a38dd1ab
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
45d5024badc735b0a3c222ae690abceb93624509591f80755d30461c92cf7600
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
478738cc1c1845552076c7ddb6d9b34784346ceae016bba6a25a0fcf055137d7
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48af09fe4efdcacd6e1ca2f3e828ecb4caa2d86045157c93630381f093bd348c
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b673474d7fe2ad7a98b5617fb084c233ca9940c11333a138cf1eec90d71a0e0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5b11a8ed95cc5ef94a4a6fe4d32f704dfeca16300ca4c67cdcffaa01aa2481
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5036dcc7ec8f270dca4085218407fdb04bfae79a0875354ecfe798f7b26b5055
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb
51d580ee371be5650197f21f47a40118b54a91aec835cdd835dfbe0c40732d23
5202e7926abdc854caa5ea2f0f89a8729072668e545c5f37a6b446dcec769241
52c92a8c2727eeac3fa276d4ef2c5ce04adf1995ad96a2bbb3fbc49afd107e99
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56054bf9cf09691ffd386eff93c6e0d6bb37f013169e654ad69452ca46ea04f0
5b3054cad42c9d6b8c8e8dfb7e976141618f7d080f4820371e089255e41a6be8
5be6bcc84ac72b32eb82c411cb86b875a40c10ef67b22c9a7c40e5efabaf2dc0
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb07d0ac8b04c4362804696766eb2445aeed711c9040c49a1b16b75504c32b7
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d95f53a5578a8535d127a7041191865e9651fe932cdb84dd6c2d08b6a8c518f
5de76ff60eda0bfa1c2f0e340e7adfec5b207928469ad3ad7061f45cac0a691b
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
618dd33f26b4b7d3e53febd902ad19a26126d7bddcb3922b39383f744f63ff86
619e106a21b76b85b674cddd388ddb72935eee56c2a3037380e6827c257178a6
61bd61275d0bcb32c94307af4841ef25ed29edd6b3c01928c6d4f3e72023edd1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6251e9bd2e967619021c1ed8322c6073d535572bd095f00a7b42871ba8f3dd2b
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
676025def6ee0a935980fa086104a8cb19a38d8c751469231333ce43740a8cce
6888f02ec97560c38be7cf4dc7d037692f7368eb81f10dd3c337cbed1f8abe1c
696951a0fc34c88a95741265b422a027b06e6abf73aa449aa76026406ed54cab
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6de48d9ab8b44f4074a91243db076597c2da4a8fd8ecdf9119a4ac6eac5a76e4
70eb77b38594d0710ea412ca88542383bfa544a1e45c2686222ee03dde1da481
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7287a28fd3a5686be6cdfcbeedf17e03cbcd2c62ef5c28138d8f4f026c717e6b
72b7d329c2969ef1811e4813943451dd9e502b57678c12adef6c91bc60621456
7341a1907a4ed7aeaf09fa6971fbd0dcb58c9a6018305b1722a44cd4c301f673
74d841997c9b80beeb2bb14186ea9cd4c6e45fc6df8a6b362c104834a1360863
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
75b3229ffe863066348df0918d08c5ab7fcd53ddf404364fa7e4797e3567beaf
770771d80263e4685321b0a06439115c430c8e287cedcdfef6db1ded24bd864b
785ab3f607af910860161420126772503e70521c4c4f1f9991bf02d458b025a1
79766b10dc3f6078cf469d910eee2d04c183fac5df15f34f6bdbc3e0fd94c350
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7c9898e809ba2721b9a31b38b166d74df665f29b60c3641a0040c364ff1ff42d
7cb7f4b280dba64eca19673b363dc1aaeb8deb027ac883653a4bc75974dd98dd
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f5b3edabc05b8a6bddc3ff3901d7ed1f89c54f6b8bdc915013eaad6c1e1c9bc
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
81d44e431c189b87a663cd27e8c7233a90f103873e0152ad9daad5a48272173e
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8428e18fa0e00de8dde69db31ec03ccafb44f23de1719ed3325dfa8f9119f42c
84ec45ebaad092128b2688507924ff0f15b1537392ddb8d7521a90928dd2660c
85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
8963be88e36887565320e04c7dee61fc73cff6f6521938bb13adaefe6559347d
8981d56ad12440e4a887c1eadd162989de82309192f65090e0caeb6a536d0bd6
89ed9b4a17a685a30f2f8f46a6749bf5ed43a3fde2ee34845be82db018b261e5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e0b652db045d1d748da7caa5b9d6e7950a78bfe9883c1a56ab7a4f52fdb3ddb
8e0e19cf4bf43e2040f26aeca0429588bd564bdf8821d12a6a7e6cc864c4dea1
8f379674203c48a06c17732d28a1ee3870aebfae6a68f096403398f99c471ded
8f9e12b58649a80778f22de5ea2b09e064fd12d34fdd1716f8b3b631191ebd29
8fd68a54c973ad837724a6048e26edd4619b0f1c1796ef6493593ba1faab4ca6
9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93334ab1ab8aaa5a11724a5fa0556d40013547bbb01599e2f93a2477aa7dd57b
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94ac9df91fde5d952c06fdf8ebaf86268f991a3dbfff8d73e4ca41dc66262de3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9906c5d5262c34aeb4d19a89e52f26cf5d98453430da40435751ec5e2be18b43
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5
9c54bf6ab1af08f7f512d67d17c99c32dd9bddc19421c9a7e672b2a22ffe5ed1
9dc8229552305055d78a81e3ce6c064d42766f69e9655a4b9c018910e0c8b9d7
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9ed8d22b40d30ca76771d14a739c9ef4028fced22e2391f49f6ba43e6851cd79
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3c68d30d67b390ef28821b0aa91eade8f6d3c00e84ee0c9b7b77853a56ccb29
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a53a9787a025ade8a74728f7add74712fa5bf40f10caa688f01d367afe418b76
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a751bcba50f803b2976e034162689cd424f9098dd91fd894b9f9b83b60164bca
a7bc527ca07cb1ab3bdb0395695c880df4fb0ed21e3b8d4ea5e728f37ffd826f
a8a347e67412b43a5f7b1f5dd68e82101655949c78da94255ae1708e5ff38819
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
a8b0c75ecf2c64ba7ec16375f92571be298d825bee99bf428d38a5b268d8d44e
aa28b23382b0ab28224b8c0e4cb4ad7d1c15a6f2b9bc7208fa2b88329490cc56
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
ad527d7ac9e5c62049e2d0186ab8a60a4a6d8527b78711a37be14a8bfc557d44
adb37f19277b0ba1c3ccdf15ea9a9bc80a61afacf3c5db2e4359cc0aafbd7d00
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af08bb25994f97593cccb40c520270051b68a8057743dde9e787606defa2a4af
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1972798c947d6ce0d3407ba91a934821091694f168ca2b7de512be1eb70e866
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b26642e9b5b35571197b2740f5c48d8fad36e67e784c7c72772a0c468ade3ee3
b3014a9fffbca04bb66d7db1b8c05487a8fd446d8fb53a7006af1267226756e7
b3deb40e8e4a2b83ad534cfddcd4c643ba0d44f001978663e3da177f9e839477
b41024ecc81fbdd5097419fd7d66554b16de976cdd0ca8def653fa6f6753ac02
b630dc7f29bcf755454482ad7e11218535c81ae05d49e8685e3128954ba05848
b769884fff3870e1bccafb97eba48f6583d7c130ec44b84d5dbb04ecdf39e96c
b778d1d3a9293d8413b4dd9ad71488a1a4027335ca431ac6da49f6ff7fdcb108
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbaf5cd5013cd0f67e88fb31032ca97a415a03927f72c788228b9d9a00889c25
bc43b92cd0ed6495cde2ac0f17ee1c4ac5980993148104c083a0c675f917b803
bd09c8a7b93803aa5920748a2f7b9dbfeac2c74bcff72e52f72c7c9abfab7534
bd2466477387e94dbde262c0c56612fe6ef46ec109b8d0d4069484a6f9ade247
bdc19dbf866429b51a2601251df71c118fb4f38f40332f56f8a26cff41da01e1
c153ef1ab17e83308822fd27d553e82ea7d86c85b376b2ad1e79f4795e15343e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c298ca8a0be65070ec8180b9dd3f2c4f5d68568458e8ded370ba0bb70bb57471
c4843bcd5884fc8c4b4409f5d349e687ef137349588fc07a20898fb9b457dc6d
c6362d0334ff109d9ca5f926d118b854d827569c503d4376335b8f0796554261
c6c5f2c4a0168792fcaba214f56439972ef30d4cc46de8ec2f172c729ca4ef4e
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3
c767702346d477daca8c9be65b7fbe6986a8a2dc767e5f7bc34f6e6a9a66bb84
ca2d392ec6d2f50fc6da551573044e64aad1d799a8d84e516065ec5b7f26df37
cd7bc03f1d054a94638043c1c84ebae5d33b3ed96660f55ca1d797850b6d1f0b
cdac16ee46310e8e5144370376c57e2e301bd93edda818e5a1e8add93084111e
cecad6a1e383ca19d5c150f7d5841030f88b9aae1b49620010f6b58c58c31f15
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d325ab445893189545ab5edb87543c8626b77f45abcbe45e874047373930dcce
d4f683c39724b4b24cce251d1653b70c002760f120aa7655bf2e067d0d6d874a
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6c84b6607a1fb1669e2110c8f5cb7af35b2f5d6c2aa06ce0a6e9d1be2af99fa
d9008446b3f71fdeccc804952a46704e20da795249456593df1c2403fceee93e
d967862f671a258bd80640477fb8ab23f9a610621c2d754b7d17847a338a47f5
daf952ebb111e4f545496f2bbc252741ad9c0c693b672e3eeb7da6ba8cbac8d0
dc87ba247e5444027479aca672e4d5c0e51f956ffd68343ff750f1022ab31a8e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd1afa9a12375840ab6020dcac846aa98b4483f485c95d4f988459eeb7be4b41
dd3e225ea76235815b19dd73a043acc97dba688120c55a2685befa000db7c5d5
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d
df762dfa41d977d9bc161826e1111c7ccfa77f1fd3b05928476926c63e8a6a68
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfc7cf5eea93bbaa650c1d3f916621d49318f41bcc4f9568c1dd10ffb09c3f1b
e1053753d7356e9886501d1310212c927381cd36d4f16f9ceabd23fce8fe9cfe
e15c4cca57a411ee4af4d2ca12a0c4a26192db407e55fbdd32a3b7af1cc961bb
e17d49680857b72d753d327c0df23eceb075b4b835461a155e64f4bc1bc4d0a4
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4612453ee1173a62d2c517be3b9a8f79de7f91e219909cc72b4f165bf2e1e96
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d3493dd28b3c0a908e30fa8e7aa3c98ba561837321b63038374ca17bd65dcb
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e7706a77a81e49305eff01e04986f8695816feb04276debe29ae1d378892b102
e874f3357bdc2e91b37ad196d538c560ee68c4783d902fd8eaceb61fa8b292bb
eada67cef809faab179bb42d56042d47c6a205526e110cab1a8f03a585104a88
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ec83228c18242e357a1d0e39f6549c72b03473f5d293650019ee95628cb542f3
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f4f7971226f0b06367e6548a5db398e65efe7df740e17e2b91bcf181994361cf
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f719a3fcbffd039a404cbde23d8bd3767c04bb0201efb8923217ddb8fcb166ce
f79bc8fc815aa09865432dcda81b09731e3cfbde18eec06b31690af1360d3d9a
f7a994af7c455a8262368f03cf539a57bc1fdfaa68c002a0ae84ddefc785066b
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f850aeb66ebd071a936f2a879916d67c6d18275de85f414f5489249c89dee244
fa149d2d5185647fe4ca8848b93deee697484008974d0d7593f05ceaaeb61daa
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e